portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3033::681c:1def Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalmanaus24h.com.br/images/banners/Smiles/
Submission: On December 02 via api (December 2nd 2020, 3:36:09 pm UTC) from BR

Summary HTTP 173 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 33 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3033::681c:1def, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalmanaus24h.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.

This is the only time portalmanaus24h.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3033::681c:1def	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
16	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
5	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
13	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1 14	199.187.193.130 199.187.193.130	47043 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
15	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2 4	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 5	35.158.172.137 35.158.172.137	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.68.126 65.9.68.126	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	52.17.171.52 52.17.171.52	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
6	2606:4700:303... 2606:4700:3030::6812:3ff4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
1 10	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	157.245.136.40 157.245.136.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2404:6800:400... 2404:6800:4005:804::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3033::6812:3ef4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
173	37

17 2606:4700:3033::681c:1def (United States)

ASN13335 (CLOUDFLARENET, US)

portalmanaus24h.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lqdads-7405.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 199.187.193.130 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ads.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.212.16 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.172.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.126 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.171.52 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6812:3ff4 (United States)

ASN13335 (CLOUDFLARENET, US)

d.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba1a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.200.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.144 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.19.34.195 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.136.40 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

delivery.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:804::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6812:3ef4 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com 83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com 91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com	182 KB
18	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	375 KB
17	portalmanaus24h.com.br portalmanaus24h.com.br	430 KB
16	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	160 KB
15	simpleads.com.br 1 redirects cdn.simpleads.com.br ads.simpleads.com.br	34 KB
14	gstatic.com fonts.gstatic.com csi.gstatic.com	133 KB
12	liquidadserver.com.br d.liquidadserver.com.br delivery.liquidadserver.com.br tracker.liquidadserver.com.br	173 KB
10	scorecardresearch.com 1 redirects sb.scorecardresearch.com	6 KB
6	glotgrx.com pre.glotgrx.com	999 B
6	yabidos.com pixel.yabidos.com	74 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	googletagservices.com www.googletagservices.com	140 KB
5	ip-api.com pro.ip-api.com	2 KB
4	sascdn.com creatives.sascdn.com ced-ns.sascdn.com	14 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	572 B
4	google.com adservice.google.com	1 KB
3	kxcdn.com lqdads-7405.kxcdn.com	2 KB
3	google.fr adservice.google.fr	1 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	smartadserver.com 2 redirects sync.smartadserver.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
2	facebook.net connect.facebook.net	61 KB
1	lentainform.com cm.lentainform.com	559 B
1	idealmedia.io cm.idealmedia.io	556 B
1	onetag-sys.com onetag-sys.com	176 B
1	smadex.com 1 redirects cm.smadex.com	524 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	649 B
1	cloudflare.com ajax.cloudflare.com	4 KB
173	33

	Domain	Requested by
17	portalmanaus24h.com.br	portalmanaus24h.com.br ajax.cloudflare.com
14	securepubads.g.doubleclick.net	creatives.sascdn.com securepubads.g.doubleclick.net portalmanaus24h.com.br
14	ads.simpleads.com.br	1 redirects cdn.simpleads.com.br ads.simpleads.com.br
13	fonts.gstatic.com	fonts.googleapis.com
10	sb.scorecardresearch.com	1 redirects portalmanaus24h.com.br creatives.sascdn.com
10	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
7	cm.mgid.com	jsc.mgid.com
6	tracker.liquidadserver.com.br	d.liquidadserver.com.br portalmanaus24h.com.br
6	pre.glotgrx.com
6	pixel.yabidos.com	ads.simpleads.com.br pixel.yabidos.com
5	x.bidswitch.net	5 redirects
5	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	pro.ip-api.com	cdn.simpleads.com.br d.liquidadserver.com.br
4	s-img.mgid.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	lqdads-7405.kxcdn.com	d.liquidadserver.com.br
3	delivery.liquidadserver.com.br	d.liquidadserver.com.br
3	adservice.google.fr	securepubads.g.doubleclick.net
3	creatives.sascdn.com	ads.simpleads.com.br
3	d.liquidadserver.com.br	ads.simpleads.com.br
3	fonts.googleapis.com	portalmanaus24h.com.br
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	sync.smartadserver.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com ads.simpleads.com.br
2	secure-assets.rubiconproject.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.mgid.com	jsc.mgid.com
2	www.googletagmanager.com	ajax.cloudflare.com cdn.simpleads.com.br
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced-ns.sascdn.com
1	c.mgid.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com
1	cm.g.doubleclick.net	1 redirects
1	cm.idealmedia.io
1	onetag-sys.com
1	cm.smadex.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jsc.mgid.com	ajax.cloudflare.com
1	cdn.simpleads.com.br	ajax.cloudflare.com
1	ajax.cloudflare.com	portalmanaus24h.com.br
173	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cdn.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2022-07-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-05` - `2021-11-04`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ads.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2019-02-08` - `2021-02-07`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
*.google.fr GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
delivery.liquidadserver.com.br Let's Encrypt Authority X3	`2020-09-12` - `2020-12-11`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://portalmanaus24h.com.br/images/banners/Smiles/
Frame ID: 0587AA1C40813B306A5CF54BF27CE0C5
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 61F91EC9783C179054323F1B82E1C9B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923353&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353126&bpp=28&bdt=2674&idt=365&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4792120040216&frm=20&pv=2&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=197788400&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=djifHorOZk&p=https%3A//portalmanaus24h.com.br&dtd=400
Frame ID: BE00F7A63E7079BCB420BE9C1A9EBFEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923353&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353154&bpp=3&bdt=2702&idt=436&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4792120040216&frm=20&pv=1&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=35150889712&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449
Frame ID: FFD0CFEB74909274A0A13D51C80F8C85
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1606923353828600061839
Frame ID: FE7DFFCFE2DD391DA8A1EA9B961C79A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 73B88235567BF1E163D18CE0ED736A96
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 85E971CC1A42B8FCDA628C47E6160526
Requests: 1 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: A974D084F6EC1E20B347787248E8B5CB
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B15BE7BDABFE4B8B0A94BBE66D2514AD
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: 850B35D00CA5C86B647401A9D71FF811
Requests: 1 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: BAAF0C45AEAA00F6E632C1D5F5C68D87
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: F562D5C732C05F4ADB8BC42AA8896822
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1B219B6D91BC0FAB73D3D532EE85BC19
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: E5F038461ED3BC3353A09059888277B7
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4kg5Z0o6VmU_DHErRQdhgMSSRoDesyrRsRYxEzZ5OfgRk9hKBUbNYN2DstACcRpCL_h05MYblW5Q1IEwNvdJKaNfspemvT-EGL-S2jRXqevgUysV8aL14ZaYBTsgvJct5zb7d0HuNvHBv4fOe1Ikg8ugwlZnQD7MHrUdlMmDldbPMqJQw7ZmfDQ3LnddQh8ZJh4EXoR-qZf0xurr83Ud2p0X_bfrgtNWZJYHz4KzXE8LTyX-KY7x8B7C4Yp2maVWYfUncnQWd1-wffOijkZxpcsIkGlZzIL5Z_WqcdoVa6T8_xcptTBR9U91YHKW_Jrwgc1I&sig=Cg0ArKJSzB4phRRu9lWSEAE&urlfix=1&adurl=
Frame ID: F5F6E8B5C6480580B2959E09326BA8F1
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXXjabqt_fTk_HhximMJDOZoZD29S7-f8AD15n1ANdFuoilnjQGKlKfCy8UwqF5Dj99njOeMsfm-XMYFK0TsQu0SNPEc9ZHDLJflSdffxmoOguhT56l7qQegXpPghZiK6qNlToulCaO7a8Aa319YVZfB8YVc4R314NY0O4-4rAXb430lByHzA0eCVGCmwQfb1cdb1L7Y_Q8VTMrRhnQarLNRYvaDOrbK-KJPbMZcsmO6kr6DnPb0k5BJe3G2DJds0jRSVu8YboSrgS9MbipgmeRMhrF4Qk5FckJIjQc2I&sig=Cg0ArKJSzK78y6MVnVzCEAE&urlfix=1&adurl=
Frame ID: A72415C2D5ED1E8CC135B56D411C53DE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 3A5201439C0626EA1C4DB50B06A23989
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: FD7C0819A86C1A9F197A80B801D62D25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 307A84A82635AC7221A8B775F67BF8C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

173
Requests

100 %
HTTPS

56 %
IPv6

33
Domains

51
Subdomains

37
IPs

10
Countries

1884 kB
Transfer

5691 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portalmanaus24h
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalmanaus24h/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCw6yPx7ZXiDwdb1aVejW93A?view_as=subscriber
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalmanaus24h.com.br&utm_medium=referral&utm_campaign=widgets&utm_content=1037079

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805577/i/57371692/0/pp/1/1?h=24V8lGLI4pxDN8La-Df6UyatUVUbW-7JA7WvWUtuV3nm0R6I7nUtGa2ZVqmqzhv0&rid=103d6fbc-34b4-11eb-a5da-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805581/i/57371692/0/pp/2/1?h=24V8lGLI4pxDN8La-Df6U3TZPlXmZmKRQSn9lI17QMdCfQc9RZYBQeAHTPNEMbbR&rid=103d6fbc-34b4-11eb-a5da-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4039680/i/57371692/0/pp/3/1?h=24V8lGLI4pxDN8La-Df6U3XWlm0fJFNZluwPD6PInp5MuhxFO0V_J9Ae00k-IvWd&rid=103d6fbc-34b4-11eb-a5da-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4074794/i/57371692/0/pp/4/1?h=24V8lGLI4pxDN8La-Df6UwuUoUEri3OTYh2C-jHOgsCyzzAxrSJojTgZypN3H2HR&rid=103d6fbc-34b4-11eb-a5da-d094662f8ab5&tt=Direct&cpm=1&iv=11

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 67

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=d4ea714d-0b25-480b-8b49-19b017c18931 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=a114a755-a64a-41e2-bf12-f693795a3e88&expires=10&ssp=mgid&bsw_param=d4ea714d-0b25-480b-8b49-19b017c18931 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=

Request Chain 68

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb2RxVZTH2z7 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb2RxVZTH2z7 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=

Request Chain 69

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c2772565-42c8-4974-be4f-83e3013d3d51

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=dc400af1-f317-4d54-8242-68d0fa63842d&ttl=1609515354

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IyUnhWWlRIMno3&muidn=kb2RxVZTH2z7 HTTP 302
https://cm.mgid.com/google?muidn=kb2RxVZTH2z7&google_ula={guid},5&google_gid=CAESEFxacEra66pAy02kOfHAmkw&google_cver=1

Request Chain 74

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=oEdLZJk8K6pMOmk4Sbyj&pi=mgid&tc=1

Request Chain 77

https://ads.simpleads.com.br/2447/call HTTP 307
https://ads.simpleads.com.br/2447/call?cklb=1

Request Chain 91

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1 HTTP 302
https://ads.simpleads.com.br/setuid?uid=7691387142712698630

Request Chain 94

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622&cs_ak_ss=1

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

173 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
portalmanaus24h.com.br/images/banners/Smiles/ 56 KB
9 KB 1186ms
1160ms Document
text/html 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: 6fa5aaac0b16af7acb39443b2d6991db21c3691230835181dc66ee2010e29e50

Request headers

:method: GET
:authority: portalmanaus24h.com.br
:scheme: https
:path: /images/banners/Smiles/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8de3737284a0b54da89baa9efc6e02c71606923349; expires=Fri, 01-Jan-21 15:35:49 GMT; path=/; domain=.portalmanaus24h.com.br; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 06c5b1852c00001f354a1b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2Bo%2FY14%2Fu20wXS%2BgjzsMtRgZEQA0%2BIrtXJ%2BqnY1OFINOMwdiSy6yJuJ8Cl8%2F9pGkspxGq98DaKAxe4JO%2Fq5uFUpj8CluaGWUPLvgiel3kcsEgogqgw1m0AfPvEHMu7a5F%2Fxj"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fb61eb519d21f35-FRA
content-encoding: br

GET
H2 200 b17b1.css
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 1 MB
106 KB 2263ms
2261ms Stylesheet
text/css 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/b17b1.css?c843f
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caba80ceef27c670532ed625070172d0e9deb6affb63de928df8b8541ff4129a

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c5b189bf00001f358fb12000000001
last-modified: Wed, 02 Dec 2020 15:25:54 GMT
server: cloudflare
etag: W/"108029-5fc7b202-33531493a8786ee0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MQu%2B8TeDd1Qf9e1YCBKXTGg8FwCcc5svKpYnLm1xUcxqSUH9gs1macssirhKTEMwFW28W%2F4mq7hfWeLLjnq0MT4nH%2BLoBPZ%2BMCS6Gywj90nWLSW2oy9yqXU08Tsnwhdae2%2F9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61ebc6b1e1f35-FRA
expires: Thu, 02 Dec 2021 21:35:51 GMT

GET
H2 200 logo-portal-200-x-50.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 7 KB
7 KB 14ms
13ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/logo-portal-200-x-50.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:50 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 129632
content-length: 6865
cf-request-id: 06c5b189bd00001f35592b0000000001
last-modified: Wed, 04 Nov 2020 16:12:10 GMT
server: cloudflare
etag: "1ad1-5fa2d2da-c463a7f6523411b4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HI9%2FRpPJRaMD0iKu9Jd%2F%2FhNLIqrlJxYHQB4UhjgLkWmsbAq0NNc0dxTkRICr9vL1X6buXAkK9224fIZBsBuzuz%2BlEUtUJ7SeYY3xf9u1RBKOyfX4Ri0SYN3lAFZTEBL6koi0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ebc6b221f35-FRA
expires: Wed, 01 Dec 2021 09:35:18 GMT

GET
H2 200 email-decode.min.js Show response
portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c5b189bd00001f3535289000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVW1SYpGHfMlsYhh2PxHeyBPdzuIeDLBjUUpfZHsNpnuJaYn33rvNEN2UxYFsaj39aIa2pic%2FxRQ3kLgNSW3OPaPgTSmte7JOL2Wl8feQqDJD1jwSNKJ6t%2By59qlYOhorHuU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb61ebc6b251f35-FRA
expires: Fri, 04 Dec 2020 15:35:50 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 18ms
17ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06c5b189c10000d70d2b940000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B7cjwiuoFYXoWDsWvjEx3cyaXUyzLt8GenI7KosUij07llyN8tX6gppdRu4879JKC51g9nS1NLY3qz%2FG53vnS8qp0Xd1rYzrvWIbd%2B5nENC73QjdUQDykGKHQZpSzcyH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb61ebc6c31d70d-FRA
expires: Fri, 04 Dec 2020 15:35:50 GMT

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 teatro-amazonas-Copia-300x225.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 9 KB
10 KB 12ms
11ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/teatro-amazonas-Copia-300x225.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/b17b1.css?c843f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b

Request headers

Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/b17b1.css?c843f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 129631
content-length: 9627
cf-request-id: 06c5b192c300001f357889f000000001
last-modified: Wed, 04 Nov 2020 16:26:57 GMT
server: cloudflare
etag: "259b-5fa2d651-c4603b825ee32933;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pne%2B0J8jU%2Bk3wp%2BCHJOzU0lxMuHlRnIGIqn9CNpUPb9r5tq1auFIU3qSjtuq2eIPTd7wRaqh4YuxASxbphxVZbRrdXCtMP%2FzbG5bS%2BI1ufumCAvcPC64q%2BW%2BaFHngrGAkmkI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ecadb4d1f35-FRA
expires: Wed, 01 Dec 2021 09:35:21 GMT

GET
H2 200 newspaper.woff
portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/ 122 KB
67 KB 34ms
34ms Font
application/font-woff 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/b17b1.css?c843f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/b17b1.css?c843f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 225367
cf-request-id: 06c5b192c400001f35a90d8000000001
last-modified: Wed, 04 Nov 2020 14:06:50 GMT
server: cloudflare
etag: W/"1e8ec-5fa2b57a-cc7a1c15277c6427;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nDuRHBp4dWxMbXsDQp45QLIhBjEBt10FR2gNSiKg9L8AIcvHkE3KLuPqpPXaKtCiIxsoqMo0KC84Jq8jREhKFPYpdL2wfofIsGBFq0vU6vrHPQTksbsKyLam7%2FalBaeoOTmz"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61ecadb501f35-FRA
expires: Tue, 30 Nov 2021 06:59:45 GMT

GET
H2 200 0b1c9.js
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 315 KB
0 36ms
33ms Script
application/x-javascript 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?28cd2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32648
cf-polished: origSize=322212
cf-bgj: minify
cf-request-id: 06c5b193ed00001f35450c7000000001
last-modified: Wed, 02 Dec 2020 04:39:08 GMT
server: cloudflare
etag: W/"4eaa4-5fc71a6c-57061f13d7c68fad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fKpJASR%2BfX5bFD%2FxJlCwWUFNdSkgwROvIiO9H9N9IVQH4V%2FwIGyORJwVNL6UNvt%2FwD60IMNIwu1Y0x218dol3mbEkG0mQXJv%2FEx9So%2BPBPF%2FDqf%2BgAeuwKc7Nnf8STMTgxvN"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61eccafa71f35-FRA
expires: Thu, 02 Dec 2021 12:31:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
44 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18ad37f9a3ede082154d3a0f80e096ac44f72407b07c2530a9cbe20b52d0253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45265
x-xss-protection: 0
server: cafe
etag: 4631651015791465471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21906f4f635a0b8968a9087c803b2714e7ed2ed818ce61276b4fab8da3f1b82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iORQn1/O2PG0omfDfvmNQA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "30ecbacb6c19b5aaeb8b47c3bf665bd9"
x-fb-debug: RQ8N8GNTUfS5rrYvvixEnIIppXoQp5uITb74jqzsK4Tl6wLC9UYRgIqreEvamUeTgAkOeurIh7RZzZ9tEahuVA==
x-fb-trip-id: 664085054
x-fb-content-md5: fa776745e663dccec0c767d6207e6f49
x-frame-options: DENY
date: Wed, 02 Dec 2020 15:35:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:51:18 GMT

GET
H2 200 show.js Show response
cdn.simpleads.com.br/v2/s321679/p1144737/ 3 KB
2 KB 23ms
6ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine / PHP/5.6.29

Resource Hash

6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: defr
x-powered-by: PHP/5.6.29
x-cache: HIT
content-length: 1487
x-shield: active
server: keycdn-engine
etag: "16588bd9df4256d00eaf8c21f90747f4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <http://tag.simpleads.com.br/v2/s321679/p1144737/show.js>; rel="canonical"
expires: Wed, 02 Dec 2020 16:35:53 GMT

GET
H2 200 portalmanaus24h.com.br.1037079.js Show response
jsc.mgid.com/p/o/ 208 KB
55 KB 114ms
74ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 822C6FC023BCA5DC
cf-polished: origSize=213131
last-modified: Mon, 23 Nov 2020 11:07:38 GMT
x-amz-id-2: aeifAkBBSAGB6x9QljYGCAWJrwrkIvEhynMQnAUZgPPtUauXNPnKeZJG3PZ5/SO9aJKfxVjJ940=
cf-bgj: minify
server: cloudflare
etag: W/"d4ce96bfbfcd049163f9b45f5000cad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06c5b194150000b799c8381000000001
cf-ray: 5fb61ecced13b799-CDG
expires: Wed, 02 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38695
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 jquery.js Show response
portalmanaus24h.com.br/wp-includes/js/jquery/ 95 KB
32 KB 28ms
26ms Script
application/x-javascript 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-includes/js/jquery/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 281952
cf-polished: origSize=96873
cf-bgj: minify
cf-request-id: 06c5b193ea00001f3542af4000000001
last-modified: Wed, 04 Nov 2020 14:05:22 GMT
server: cloudflare
etag: W/"17a69-5fa2b522-4a0f1b1f2e607d36;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nuUFIYi1Ky8j6EToj6fhC9VOFsL2Eli1WhGd7Ho8T5%2FfBZCo4uJCjIMcRdUTs%2FenHHRtj7KgOUeWzeaxBomzM09vUOiww3hs54nnAshzS1EAVRyMO1mKQL3eVrY8rpkigS8%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61eccafae1f35-FRA
expires: Mon, 29 Nov 2021 15:16:41 GMT

GET
H2 200 webfontloader.min.js Show response
portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 23ms
22ms Script
application/x-javascript 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 175931
cf-request-id: 06c5b193eb00001f3560b7f000000001
last-modified: Wed, 04 Nov 2020 14:05:50 GMT
server: cloudflare
etag: W/"2f42-5fa2b53e-5975bb5f335f005e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xKttg9pdFgssAD0phXySqCWKMI9i7%2B7gMh9aHlr9lfSYI8QW52MPnYuNszJsVe%2BOIEGpalA6OyUiScXo%2FK2MZREDJtYcG5OekL5Ze04pvqDYvXb9ogxxK7N0ExgSRWHCTFNI"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61eccafb21f35-FRA
expires: Tue, 30 Nov 2021 20:43:42 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 61F9 0
0 8ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 02 Dec 2020 00:54:53 GMT
expires: Wed, 16 Dec 2020 00:54:53 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 52860
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 15:35:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 266 B
422 B 24ms
23ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:35:53 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H2 200 0b1c9.js Show response
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 315 KB
69 KB 32ms
30ms Script
application/x-javascript 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?28cd2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b814a0e6838c13703ff30b18c890ed768ccd67432553ff953d83b3d589db73

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32648
cf-polished: origSize=322212
cf-bgj: minify
cf-request-id: 06c5b1946200001f354f850000000001
last-modified: Wed, 02 Dec 2020 04:39:08 GMT
server: cloudflare
etag: W/"4eaa4-5fc71a6c-57061f13d7c68fad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNGMG4bjfDuBzMb1%2Fc0uYUkASqau6nArG9PN54Da8FocMZQljnGyLgV4eIq5HPibmRpW18kYX9rTQ6au7TzK052yip4Ovn2A9c3Jzrajsd%2BsGFElp2sQxGcGJ8EmuFqPOrig"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61ecd69491f35-FRA
expires: Thu, 02 Dec 2021 12:31:45 GMT

OPTIONS
H/1.1 200
OK /
pro.ip-api.com/json/ Frame 0
0 78ms
23ms Other 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Protocol: HTTP/1.1
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Date: Wed, 02 Dec 2020 15:35:53 GMT
Content-Length: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 195 KB
59 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=5bb8084350093f49427816d957ad81ea&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f96f545c5578e53167400f8e466da0109fccbc9efecdc9e5dc6004765a8f323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eXWC+my5etMC+MPPEKyYxQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60131
etag: "70859c9b44e93b2aa3ddd461ef6451cf"
x-fb-debug: idBj5LOSS85vDkxMDr96/iao6qw5GDdb0qQWCcP9CLaK/yi10TFJxi7c9cTPCxK3tfGFubVQyvTrxcVzyu5y8w==
x-fb-trip-id: 664085054
x-fb-content-md5: 97f4601ca603dfaa730130476064b509
x-frame-options: DENY
date: Wed, 02 Dec 2020 15:35:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 02 Dec 2021 15:07:35 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:47:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 31728
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:47:05 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 18:45:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 161414
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 30 Nov 2021 18:45:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 16:29:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 601568
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 25 Nov 2021 16:29:45 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 22:38:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 61061
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 22:38:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 80128
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 530857
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 145777
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:07:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 19714
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 10:07:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 14:37:41 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
611 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 14:24:25 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 41ms
33ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 6428
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb61ecebe5ab799-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c5b195310000b799e6903000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK smart.js Show response
ads.simpleads.com.br/tag/2447/ 32 KB
12 KB 660ms
134ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/tag/2447/smart.js
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cache-control: public,max-age=300
transfer-encoding: chunked
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
28 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q83CDM

Requested by

Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28205
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:47:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 31728
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:47:05 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 530857
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 145777
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 80128
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 09:05:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 541803
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
649 B 361ms
42ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalmanaus24h.com.br&callback=_gfp_s_&client=ca-pub-3689238491183238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e9da952f400368764a583af6e3c6583fedfff01ec083111c8df58fbd9da7aec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BE00 0
0 117ms
116ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923353&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353126&bpp=28&bdt=2674&idt=365&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4792120040216&frm=20&pv=2&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=197788400&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=djifHorOZk&p=https%3A//portalmanaus24h.com.br&dtd=400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923353&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353126&bpp=28&bdt=2674&idt=365&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4792120040216&frm=20&pv=2&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=197788400&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=djifHorOZk&p=https%3A//portalmanaus24h.com.br&dtd=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 15:35:53 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Dec-2020 15:50:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Dec 2020 15:35:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1037079/ 3 KB
2 KB 87ms
80ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1037079/1?w=1600&h=406&cols=2&pv=5&cbuster=1606923353561325741798&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&lu=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&pageView=1&pvid=17624187ddcb37169d4&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d1b58328ec54739787facc52cd5ececaf5062c05e1ac56e8249b85d121317d9

Request headers

Referer: https://portalmanaus24h.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ecfeef1b799-CDG
cf-request-id: 06c5b195ed0000b799da31b000000001

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame FFD0 0
0 55ms
50ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923353&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353154&bpp=3&bdt=2702&idt=436&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4792120040216&frm=20&pv=1&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=35150889712&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923353&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923353154&bpp=3&bdt=2702&idt=436&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4792120040216&frm=20&pv=1&ga_vid=1390782657.1606923354&ga_sid=1606923354&ga_hid=1763829513&ga_fc=0&iag=0&icsg=35150889712&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2955962265445993&pem=402&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 15:35:53 GMT
server: cafe
content-length: 3263
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Dec-2020 15:50:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Dec 2020 15:35:53 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6364
date: Wed, 02 Dec 2020 13:49:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 15:49:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 51ms
28ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ce463f1cab479d58319e9d4e3ce864a8351155e893b21a2f2eb97e5b296f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6565
x-xss-protection: 0

GET
H2 200 Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 11 KB
11 KB 13ms
12ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32687
content-length: 11031
cf-request-id: 06c5b1966600001f352f0c1000000001
last-modified: Wed, 02 Dec 2020 04:03:16 GMT
server: cloudflare
etag: "2b17-5fc71204-114c793111d34a58;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sTf%2BQYzI%2FORebRXqT3qgt0UWgWlPEPLjmcwLkroq%2F2XGjZajytc2Mxm5Z6lGgCYMzxKlQKZljT2c3NdXI5yqCCshFpXngvX48am1uKCRTY6zejocmsIMmW6pUQgTCA1s0lUj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed0a8631f35-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:53 GMT

GET
H2 200 policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 29ms
29ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32687
content-length: 14839
cf-request-id: 06c5b196b400001f35a0844000000001
last-modified: Wed, 02 Dec 2020 03:45:11 GMT
server: cloudflare
etag: "39f7-5fc70dc7-36dafe64893e01fa;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nqheaw0iZwY%2BNuF4Kv%2BGnz4nwWiH2gY39ldkln9sVL0x8OCxDMfpk0L9dn2ol9zak9fDeST1X%2FAI%2B%2FFDoXZD2E2lsnEsEjpGzIV7XZLclGtoG51nodD58oHN%2FYTmBV9bc7fk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed1196a1f35-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
840 B 33ms
28ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 6428
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb61ed1682ab799-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c5b196e50000b799cc843000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
710 B 82ms
76ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1606923353820922041147
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99fe9d7d8caaba3f9300dd5fd5d7d9f9ea9d0a17b801a0ea802e169d6550b9a

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 971cb8e8-4f4d-43a9-ab04-25f7a89f11dd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed1782fb799-CDG
cf-request-id: 06c5b196ea0000b799da32d000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame FE7D 19 B
293 B 81ms
79ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1606923353828600061839
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: f2bd5322-9809-44a6-b6d0-ccc7c6f42d58
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed17838b799-CDG
cf-request-id: 06c5b196ee0000b799f938d000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805577/492x277/0x25x1024x682/ 25 KB
25 KB 64ms
58ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805577/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1606923353-mtFzfxN92KnkPWKBka2Shpye_q8V0TMdYHCBul_5QXc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1ff770ee94af9e8f67024dc47152e273cd1e7a087424a6276c80893521adcf

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:30 GMT
x-mg-request-uuid: 47ae2a83-8ff9-4830-961b-bcbfa4ed57bd
age: 2465942
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb61ed18846b799-CDG
content-length: 25714
cf-request-id: 06c5b196fa0000b799f9ba0000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp
s-img.mgid.com/g/3805581/492x277/0x205x800x533/ 15 KB
16 KB 65ms
60ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805581/492x277/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1606923353-GvMlvEbO4S_IjSsQ9l-Q89DkOTje9_vBTn6D-sqDkdI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13017fbdfa3b0ad91b5afbd537b31a95b3b94f1828f7d58161ab6ae80837b1bf

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:27:03 GMT
x-mg-request-uuid: a7749594-d232-4101-bb80-605dcefc67c7
age: 2465148
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb61ed18844b799-CDG
content-length: 15662
cf-request-id: 06c5b196fa0000b799d20b3000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E1NzEyMTdhMDM3ZDc1NDFjYjI2MjYxMDljMDM5ZTE1LmpwZWc.webp
s-img.mgid.com/g/4039680/492x277/0x138x640x426/ 18 KB
19 KB 61ms
56ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039680/492x277/0x138x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E1NzEyMTdhMDM3ZDc1NDFjYjI2MjYxMDljMDM5ZTE1LmpwZWc.webp?v=1606923353-jvHDy7AZ7d2qn_aaZCBgBKhz7njlsmxrlwTW1r2RIMs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a75ac388615ee4a4fa7f57e3b818de3bdaba6d43abcb01bcfa909494d9bfb5

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:12:59 GMT
x-mg-request-uuid: 40f5989b-2229-42d3-9afd-183d52a7b7a7
age: 2371531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb61ed18848b799-CDG
content-length: 18850
cf-request-id: 06c5b196fa0000b799e0344000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M3ZTc4NDYxMDUzZjFjMDEyNmQ1NDg2ODVjOTk4ZDcyLmpwZWc.webp
s-img.mgid.com/g/4074794/492x277/0x0x905x603/ 39 KB
39 KB 39ms
34ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4074794/492x277/0x0x905x603/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M3ZTc4NDYxMDUzZjFjMDEyNmQ1NDg2ODVjOTk4ZDcyLmpwZWc.webp?v=1606923353-b4YBRxodT_gPwbmqXwyakNIJn68m2UCV5D20mx2clb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411b05f1084e53ee5fd0b5f9013deca198cdbcb043895c3e8ee76463edf4b5aa

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:26:54 GMT
x-mg-request-uuid: 9a59df37-526f-4b3f-b236-d7f9225e6b57
age: 2383900
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb61ed1884ab799-CDG
content-length: 39884
cf-request-id: 06c5b196fa0000b799d7b21000000001
server: cloudflare

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1763829513&t=pageview&_s=1&dl=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Portal%20Manaus%2024h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=116248223&gjid=1913184994&cid=1390782657.1606923354&tid=UA-184185299-1&_gid=199190214.1606923354&_r=1&did=dZTNiMT&gtm=2oub41&z=1159094784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 33ms
30ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42089
content-length: 6117
cf-request-id: 06c5b1971500001f354bb4c000000001
last-modified: Wed, 02 Dec 2020 03:07:13 GMT
server: cloudflare
etag: "17e5-5fc704e1-eb7aeef10c6536bd;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qfC2fPA4KdUTZseGkWy4jX7xbo5jwA62KfMR7rWFBnTNeE76u%2Br3v7cYiGxHOAwCpk1sXbUR2t6U2%2BupUwE8yN7Nqz7JNHmLm0FXLCsgHYNED6yf8jH458jOxVQbWO%2FsuQb4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed1bad11f35-FRA
expires: Thu, 02 Dec 2021 09:54:24 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 73B8 0
0 83ms
40ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:19:04 GMT
expires: Thu, 02 Dec 2021 15:19:04 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1009
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 30ms
27ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43760
content-length: 14821
cf-request-id: 06c5b1974b00001f35a0851000000001
last-modified: Wed, 02 Dec 2020 02:52:05 GMT
server: cloudflare
etag: "39e5-5fc70155-810feab01173b349;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FuTPZ9I4gNFVDfsInmeR0PgUK%2BzBozFeV1mTr5j70yhC4%2FudXmIMNVD0hnmwjXEqKrr%2Beday7%2BReqlq2BX93dKOArUIELxEs%2F6j47e3pIh3MtQ8RG8dtXVyKed3uBIh0ytNb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed21ba61f35-FRA
expires: Thu, 02 Dec 2021 09:26:33 GMT

GET
H2 200 Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 59ms
15ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43759
content-length: 6089
cf-request-id: 06c5b1979e00001f3542b4d000000001
last-modified: Wed, 02 Dec 2020 02:08:58 GMT
server: cloudflare
etag: "17c9-5fc6f73a-84969f60d8d63b5a;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=selafA9%2FKUL%2BNrfUKnu%2Foq%2BeNtKwQiOn60CEWHb2ccD3mYlAi7fck1B8YDblxfHpY0ORhS36iautkVVk4s%2BIKmqsAkxHQc5Eq0wy2gRhm4aOJyXMLKqlZzcxIwcnWGbfi%2F2D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed29cc81f35-FRA
expires: Thu, 02 Dec 2021 09:26:35 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 85E9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

83ms
23ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1606923353820922041147
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 15:35:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 02 Dec 2020 15:35:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=d4ea714d-0b25-480b-8b49-19b017c18931
https://x.bidswitch.net/sync?dsp_id=340&user_id=a114a755-a64a-41e2-bf12-f693795a3e88&expires=10&ssp=mgid&bsw_param=d4ea714d-0b25-480b-8b49-19b017c18931
https://cm.mgid.com/m?cdsp=433145&c=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=

43 B
242 B

73ms
71ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ea6ad994-fa5f-4871-9076-590bfe212db4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed51ab6b799-CDG
cf-request-id: 06c5b1992b0000b799f030a000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb2RxVZTH2z7
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb2RxVZTH2z7
https://onetag-sys.com/match/?int_id=30&uid=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=

0
176 B

90ms
29ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=d4ea714d-0b25-480b-8b49-19b017c18931&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c2772565-42c8-4974-be4f-83e3013d3d51

43 B
258 B

124ms
123ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c2772565-42c8-4974-be4f-83e3013d3d51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 777aab3f-2167-4e9c-b609-de1d96ddd3d2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed6fc0eb799-CDG
cf-request-id: 06c5b19a570000b799c89fa000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=c2772565-42c8-4974-be4f-83e3013d3d51
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=dc400af1-f317-4d54-8242-68d0fa63842d&ttl=1609515354

43 B
235 B

82ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=dc400af1-f317-4d54-8242-68d0fa63842d&ttl=1609515354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6bccde55-ccfb-44c2-9a33-4bdd94d21309
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed3e9f9b799-CDG
cf-request-id: 06c5b198720000b799dc863000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=dc400af1-f317-4d54-8242-68d0fa63842d&ttl=1609515354
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 164ms
81ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kb2RxVZTH2z7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb61ed31f0ea8a9-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c5b197eb0000a8a94d0e5000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IyUnhWWlRIMno3&muidn=kb2RxVZTH2z7
https://cm.mgid.com/google?muidn=kb2RxVZTH2z7&google_ula={guid},5&google_gid=CAESEFxacEra66pAy02kOfHAmkw&google_cver=1

0
377 B

75ms
74ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kb2RxVZTH2z7&google_ula={guid},5&google_gid=CAESEFxacEra66pAy02kOfHAmkw&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed389cab799-CDG
cf-request-id: 06c5b198340000b799cc858000000001

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kb2RxVZTH2z7&google_ula={guid},5&google_gid=CAESEFxacEra66pAy02kOfHAmkw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
559 B 142ms
71ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kb2RxVZTH2z7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb61ed30ae0eda7-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c5b197e70000eda7c5b8e000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=oEdLZJk8K6pMOmk4Sbyj&pi=mgid&tc=1

43 B
241 B

78ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=oEdLZJk8K6pMOmk4Sbyj&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 878b8e11-0a10-4ef0-92d5-ec3b4edac1b9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed4eaa0b799-CDG
cf-request-id: 06c5b1990d0000b799d9995000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=oEdLZJk8K6pMOmk4Sbyj&pi=mgid&tc=1
pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT, Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
14 KB 31ms
28ms Image
image/jpeg 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47743
content-length: 13847
cf-request-id: 06c5b197b200001f35ab946000000001
last-modified: Wed, 02 Dec 2020 01:10:58 GMT
server: cloudflare
etag: "3617-5fc6e9a2-c5d7b394a249bfb7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FanIA1OEVsLXUQw8Mxj8p71plqPBKDhajtxzQvdvDcnUI7Qs1qXMM0whr4ODrcF3gTV5o%2BxEuIFx8hiWGNfRgESK0jpnFDa91SnWBXpIW9FD4zXGL5J0BMbx06mqXfcgme9O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb61ed2bd131f35-FRA
expires: Thu, 02 Dec 2021 08:20:11 GMT

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 420ms
171ms Other 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call
Protocol: HTTP/1.1
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 15:35:54 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1

200
OK

call Show response
ads.simpleads.com.br/2447/
Redirect Chain

https://ads.simpleads.com.br/2447/call
https://ads.simpleads.com.br/2447/call?cklb=1

5 KB
1014 B

130ms
130ms

XHR
application/json

199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 511ac19a268dc2f8389832cd65011820e2acaf6b5bb4301d3965423f82d62c23

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
location: https://ads.simpleads.com.br/2447/call?cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 17ms
15ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=2955962265445993&bg=!-_il-NjNAAVGySeIRliSky2MVxHasgIAAACqUgAAAA5oAQcKAVT0RItCqNJ7l_of27xjL7Vc96chpjpoDTIDtiKceAvOJ53f_jl5xKGlnLCAMdppbz5KSQyCGM5zvkbGpaUbBAllJI2LPat1eITwSzLN7fmg7x3hmjd-OgbaudF3OGNeRdfxl4deqBcB_tordRFWcQ1aPplZWqz0uYUj1zLN3ZqpoIn8_WGzm4_FX3Pru3nAY4IR9Mc3jh-tjny6hvCeu2_7YkQ5BJ9_FpBpwbzEaVVkw6ZYBBFGpEV0af0qRzjQ8xqvK0_y2KCBS5oKO_WhkYx4phU-pvieIhOZKvvTNcqRPN9s2LIaHgZLHSCsH5OTr_vDwfgevI4zhLj2zavgr6UkGqDhw9hY9AbQ3KEQdtrcHt2W4FpBRHxcfP705S_gsnqjUxd30Pfram9AAayEkyg6Y7QPZxY2HJ5zhK0A0DTwHA9Th5F6BGnLUP3WURbpvN1J9hudmQG_zKxUZU03skhd7C7D1SKFjru7nDneMmAloQPU1zQqguWcyM2u3QUrpD52U1n8va8VnbcWyicmQ0ZSSx23SrzIRlqfVq3xxU6UQryprPCHJKNh0IF9sMEdDVrJzEvJCYjtibQdLD5QH7w_8Vep5cM68hN4lyOJXfbIC3kJ1Kvl94f1YVDGT7-CcjSDNPi_aYJAbG3wXW3ihUi3knSH2Dmx6fSCiMjqOCaCTOhpIkrxVcNbfOM6uMlpsOKecgkiAmqGHKTi8KBURU6b3cwXwIvHtYrH4CopI40VuM6gu103vKP8q0RTaJokOx3M7RarIbyOZkNwXiemCIMAspIrWiTLd-kLaSEcLyhMstqOHbR3O4rz8lMnZacMeEDSxQkzRACUmZzQcEBFxVWr9htypCS-NRWzS12l1lsNKY6eOOswU9sTv6swvHcydCyi7cthUK_RWQSFUvEmNv94YA2t0AtbKN7CRopZW2m3Rwuq5Vc-5X065PfzN3CtClkuXhyTtLOZFsO9Qc9UCwBOMmOBa0coJ-cLOlZ9Ca_Of84-coBBMoPFVsRzHbGWznIQPMWcRBsGWMVw_RA_5E4l0m9udDL3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 123ms
122ms Other 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 15:35:54 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 345 B
578 B 198ms
196ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52896&tag=smp_52896&tmstp=8746201622&visit=S&uii=391637003933459511&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9592408%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 24 KB
8 KB 128ms
126ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=8746201622&visit=S&uii=391637003933459512&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 6d630367a19a8d846c033feec64b4f351b3aa365e3cee3ef058b008f6e46ffda

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055129
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 18 KB
6 KB 253ms
124ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=8746201622&visit=S&uii=391637003933459513&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: b65b833e4d2a06fe3e13a7e1bd545a0996692295c84963c1e2dbc579fd128005

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9024423
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 16 KB
4 KB 320ms
122ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=8746201622&visit=S&uii=391637003933459514&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f31238f6176fb461d8ded325b2c56a1410f86c5dd0b6d60a1c1f31d2ec297ca2

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055518
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 373ms
125ms Image
image/gif 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52025&tmstp=8746201622&visit=S&uii=391637003933459515&acd=1606923354950&ckid=0&pubid=1&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=2233352946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 371ms
123ms Image
image/gif 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52893&tmstp=8746201622&visit=S&uii=391637003933459516&acd=1606923354950&ckid=0&pubid=1&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=6841357404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 243ms
123ms Image
image/gif 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52895&tmstp=8746201622&visit=S&uii=391637003933459517&acd=1606923354950&ckid=0&pubid=1&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=3893999049
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:55 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 c
c.mgid.com/ 43 B
352 B 109ms
100ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=784|185|8|24V8lGLI4pxDN8La-Df6UwuUoUEri3OTYh2C-jHOgsCyzzAxrSJojTgZypN3H2HR&fw=1&extjs=66044&v=784|185|8|24V8lGLI4pxDN8La-Df6U3XWlm0fJFNZluwPD6PInp5MuhxFO0V_J9Ae00k-IvWd&v=784|184|8|24V8lGLI4pxDN8La-Df6UyatUVUbW-7JA7WvWUtuV3nm0R6I7nUtGa2ZVqmqzhv0&v=784|184|8|24V8lGLI4pxDN8La-Df6U3TZPlXmZmKRQSn9lI17QMdCfQc9RZYBQeAHTPNEMbbR&cid=1037079&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=103d6fbc-34b4-11eb-a5da-d094662f8ab5&tt=Direct&pageImp=1&muid=kb2RxVZTH2z7&cbuster=1606923355073474082274&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5324e5bf-0a21-413b-a3ac-e50f6a68ed52
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb61ed94d42b799-CDG
cf-request-id: 06c5b19bd20000b799c7866000000001
server: cloudflare

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame A974 177 KB
55 KB 67ms
44ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=8746201622&visit=S&uii=391637003933459512&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b19c3900001782fbba4000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rucy4Iye%2F6M0gT50xTTDaIDpZKurstY1F1SecRu130N1ElJjOVOZUw6C0UYx37Y3oN8h8I7Z3%2FPMVVLNJupxoLqK%2BYe1kjn4EesJr4Jj1Acq1JIZc8Mnpxvf3fIZl%2BHiQyfs5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb61ed9fbd81782-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js Show response
creatives.sascdn.com/diff/2447/6880103/ 18 KB
5 KB 41ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=8746201622&visit=S&uii=391637003933459512&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 15:46:25 GMT
Server: AkamaiNetStorage
ETag: "b904ac1715c52a81ea6d60f6d99141c8:1601480785.399798"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5176
Expires: Thu, 02 Dec 2021 15:35:55 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 68ms
25ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1127252698&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=8746201622&visit=S&uii=391637003933459512&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61eda1a48ee79-CDG
content-length: 1146
cf-request-id: 06c5b19c530000ee79d90c6000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H/1.1

200
OK

setuid
ads.simpleads.com.br/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1
https://ads.simpleads.com.br/setuid?uid=7691387142712698630

0
315 B

127ms
126ms

Image
text/plain

199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/setuid?uid=7691387142712698630
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:55 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://ads.simpleads.com.br/setuid?uid=7691387142712698630
pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B15B 53 KB
18 KB 105ms
38ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 777 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame B15B 1 KB
1 KB 80ms
32ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:35:55 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame B15B
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622&cs_ak_ss=1

43 B
460 B

34ms
25ms

Image
image/gif

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 156ms
124ms Image
image/gif 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52896&tmstp=8746201622&visit=S&uii=391637003933459511&acd=1606923354950&ckid=0&pubid=1&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=7613436634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:54 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 22ms
21ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1606923355242&ver1=2.2.3&qid=034393f5534393f5734363&rnd=7tlcogba91ck&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1127252698&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61eda7b3bee79-CDG
content-length: 23972
cf-request-id: 06c5b19c8f0000ee79de885000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame A974 266 B
422 B 25ms
25ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 850B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

0
0

34ms
33ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=8746201622&visit=S&uii=391637003933459513&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 15:35:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Wed, 02 Dec 2020 15:35:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK dhtml-ad-simpleads-ads-05-beta4.js Show response
creatives.sascdn.com/diff/2447/6880103/ 14 KB
4 KB 10ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=8746201622&visit=S&uii=391637003933459513&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 13:31:13 GMT
Server: Apache
ETag: "64cb55210c8391cc9ffb3a0c84bf565d:1568899873"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4022
Expires: Thu, 02 Dec 2021 15:35:55 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 26ms
23ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=9024423&nai=52892&adtg=smp_52892&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1962406737&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=8746201622&visit=S&uii=391637003933459513&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edaab92ee79-CDG
content-length: 1146
cf-request-id: 06c5b19ca50000ee79a72b4000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
114 B 47ms
17ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1606923355346&rnd=7tlcogba91ck&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52026&ats=0&atf=smp_52026&nsi=&si=321679&nci=8055129&nai=52026&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2040
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edb4d86bf05-FRA
content-length: 26
cf-request-id: 06c5b19d0c0000bf051f1b1000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
445 B 45ms
15ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1606923355338752&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52026&nci=8055129&nai=52026&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=7tlcogba91ck&impid=&tps=39&ver1=2.2.3&di=&flcb=1127252698&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52026&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=57&icp=https%253A//portalmanaus24h.com.br/images/banners/Smiles/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-10-ua-fl-132-ip-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2034
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edb4d8abf05-FRA
content-length: 26
cf-request-id: 06c5b19d0c0000bf05f9ae4000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame BAAF 177 KB
55 KB 52ms
52ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=8746201622&visit=S&uii=391637003933459513&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b19cf200001782fbbb7000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GEEOxF%2FhV0SCZ3%2Fmf%2BfteZDaVoZBFbGUO4X9U83ClDx2bTLntzSro%2FGbt8sJgKVicW4pu%2Br4hWDlBMgRg7kqis02hUojQM6agCrErqDXupC%2B1TFwDsgtT8XDg49hEaOA%2FK9ijg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb61edb1e801782-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:35:55 GMT

GET
H2 404 /
portalmanaus24h.com.br/images/banners/Smiles/ 56 KB
56 KB 1418ms
1416ms Image
text/html 2606:4700:3033::681c:1def
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: 45e223c7b0bbeb7daf57b0dd63044080eab8b993af2644dfaae04204d21821e3

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.11
x-litespeed-cache: hit
cf-request-id: 06c5b19d0b00001f353289a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZj63t%2BHcssE1o5FaUSi0MB5R4eruIsVD%2Fhq0SfbafLXQyVKQccrbu6bkrkAvrzlluDfo8XuBZuu%2BVanoNBVFhBkeNIFFC56eW2hGh8DT1wvFzagoCoDe9k0d1SASAHt6xRL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb61edb498f1f35-FRA
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 556 B
556 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: img/png

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame B15B 0
399 B 25ms
24ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923355439&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B15B 277 KB
98 KB 189ms
153ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js Show response
creatives.sascdn.com/diff/2447/6880103/ 8 KB
3 KB 11ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=8746201622&visit=S&uii=391637003933459514&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Apr 2020 19:54:21 GMT
Server: AkamaiNetStorage
ETag: "20736de8ce69da81b561b8d000b50604:1587671661"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2548
Expires: Thu, 02 Dec 2021 15:35:55 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame F562 177 KB
54 KB 31ms
30ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=8746201622&visit=S&uii=391637003933459514&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b19d7d000017826d02f000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SrlF2BrHVWgLGBI9a8iqOtkAnEsfmCdb236vuVWJk9Jn2GARpLHVN4FS%2BPFR5AfNr35ZszSYK9qL0egOJDogqqBxTW%2BZcC2MPF02RE0D%2F0wIuFhOUXTFOuae5o2yyGIjmAkhwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb61edbf87c1782-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:35:55 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 25ms
24ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055518&nai=52027&adtg=smp_52027&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1113059032&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=8746201622&visit=S&uii=391637003933459514&acd=1606923354950&ckid=0&async=1&pubid=1&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edc0e69ee79-CDG
content-length: 1146
cf-request-id: 06c5b19d860000ee79943af000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 24ms
22ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1606923355479&ver1=2.2.3&qid=034393f5534393f5734363&rnd=ndl5yxhkdr87&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=9024423&nai=52892&adtg=smp_52892&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1962406737&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edc1e92ee79-CDG
content-length: 23972
cf-request-id: 06c5b19d910000ee79cc20c000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1B21 53 KB
18 KB 168ms
161ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 931 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 1B21 1 KB
1 KB 34ms
26ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame 1B21 43 B
460 B 33ms
25ms Image
image/gif 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622
Requested by: Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame BAAF 266 B
422 B 25ms
24ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E5F0 53 KB
18 KB 83ms
82ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 929 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame E5F0 1 KB
1 KB 26ms
25ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:35:55 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame E5F0 43 B
460 B 25ms
24ms Image
image/gif 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=8746201622
Requested by: Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 close_54x54.png
ced-ns.sascdn.com/diff/templates/images/ 1 KB
1 KB 69ms
16ms Image
image/png 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close_54x54.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FAA) /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
last-modified: Thu, 20 Mar 2014 16:32:28 GMT
server: ECS (pab/6FAA)
age: 2183
etag: "70c31bd388f7006acdb8aa3d4bcbe99a:1395333148"
x-cache: HIT
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1351

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
110 B 17ms
16ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1606923355709&rnd=ndl5yxhkdr87&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52892&ats=0&atf=smp_52892&nsi=&si=321679&nci=9024423&nai=52892&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2040
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edd4ee9bf05-FRA
content-length: 26
cf-request-id: 06c5b19e4f0000bf05e38e2000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
110 B 18ms
18ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1606923355682664&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52892&nci=9024423&nai=52892&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=ndl5yxhkdr87&impid=&tps=42&ver1=2.2.3&di=&flcb=1962406737&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52892&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=57&icp=https%253A//portalmanaus24h.com.br/images/banners/Smiles/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-10-ua-fl-132-ip-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2034
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edd4eebbf05-FRA
content-length: 26
cf-request-id: 06c5b19e500000bf0500be4000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 1B21 0
399 B 27ms
26ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923355741&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 24ms
24ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1606923355663&ver1=2.2.3&qid=034393f5534393f5734363&rnd=xk7j92mtq8ph&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055518&nai=52027&adtg=smp_52027&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1113059032&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edd79a1ee79-CDG
content-length: 23972
cf-request-id: 06c5b19e670000ee79c5a98000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame F562 266 B
422 B 24ms
23ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:35:55 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame E5F0 0
399 B 23ms
23ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923355817&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:35:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ Frame B15B 109 B
803 B 51ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B15B 109 B
781 B 54ms
33ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B15B 4 KB
3 KB 182ms
181ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3917261640619065&correlator=4273168417495840&output=ldjh&impl=fifs&eid=21065112%2C21068811&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_primeiro_impacto%2Cad_primeiro_impacto_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=480x320%7C580x400%7C1000x540%7C1024x768%7C640x480%7C1260x400%7C970x250&cookie=ID%3D3bf6e4e119bcf540-220c30707fa600af%3AT%3D1606923353%3ART%3D1606923353%3AS%3DALNI_MbkX9_QgmBOZvdFVYVnUFzAXS9W6w&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923355&dt=1606923355845&dlt=1606923355217&idt=610&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=235222445&ucis=x26eu7b4qua8&ifi=1&ifk=3319467962&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1390782657.1606923354&ga_sid=1606923356&ga_hid=634392858&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

fe9ee1a91d99db395e98628e316dc5da7ed699134fa64b7e88ea8dba0d35e522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2376
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241121365
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B15B 0
0 83ms
38ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1B21 277 KB
98 KB 41ms
40ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
110 B 18ms
14ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1606923355937&rnd=xk7j92mtq8ph&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52027&ats=0&atf=smp_52027&nsi=&si=321679&nci=8055518&nai=52027&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2040
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edebfe4bf05-FRA
content-length: 26
cf-request-id: 06c5b19f300000bf05f0066000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
110 B 25ms
21ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1606923355926928&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52027&nci=8055518&nai=52027&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=xk7j92mtq8ph&impid=&tps=43&ver1=2.2.3&di=&flcb=1113059032&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52027&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=57&icp=https%253A//portalmanaus24h.com.br/images/banners/Smiles/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-10-ua-fl-132-ip-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2034
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb61edebfe7bf05-FRA
content-length: 26
cf-request-id: 06c5b19f310000bf05e835e000000001
expires: Wed, 02 Dec 2020 17:35:55 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E5F0 277 KB
98 KB 39ms
36ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:55 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 1B21 109 B
127 B 20ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1B21 109 B
150 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1B21 468 B
289 B 114ms
113ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1325125863648585&correlator=419094475142868&output=ldjh&impl=fifs&eid=21068480%2C21066705&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_slider%2Cad_slider_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x100%7C240x133%7C300x250%7C200x200%7C336x280%7C250x250%7C300x300%7C320x100&fluid=height&cookie=ID%3D3bf6e4e119bcf540-220c30707fa600af%3AT%3D1606923353%3ART%3D1606923353%3AS%3DALNI_MbkX9_QgmBOZvdFVYVnUFzAXS9W6w&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923356&dt=1606923356040&dlt=1606923355382&idt=644&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1057568192&ucis=yax1u3elhw0z&ifi=1&ifk=3319467962&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1390782657.1606923354&ga_sid=1606923356&ga_hid=1487612501&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e23cd607c06073b14edf3d9798b4b9945582bcaa9ea13c4b298a044c1ccc5db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1B21 0
0 87ms
38ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5F6 0
0 47ms
39ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4kg5Z0o6VmU_DHErRQdhgMSSRoDesyrRsRYxEzZ5OfgRk9hKBUbNYN2DstACcRpCL_h05MYblW5Q1IEwNvdJKaNfspemvT-EGL-S2jRXqevgUysV8aL14ZaYBTsgvJct5zb7d0HuNvHBv4fOe1Ikg8ugwlZnQD7MHrUdlMmDldbPMqJQw7ZmfDQ3LnddQh8ZJh4EXoR-qZf0xurr83Ud2p0X_bfrgtNWZJYHz4KzXE8LTyX-KY7x8B7C4Yp2maVWYfUncnQWd1-wffOijkZxpcsIkGlZzIL5Z_WqcdoVa6T8_xcptTBR9U91YHKW_Jrwgc1I&sig=Cg0ArKJSzB4phRRu9lWSEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5F6 75 KB
29 KB 50ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B15B 73 KB
28 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B15B 8 KB
7 KB 49ms
33ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47dfaa9450acf1a146385f5e74528c304c823ee1e41c7aec8b947c523d11cf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6422
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.fr/adsid/ Frame E5F0 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E5F0 109 B
127 B 18ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E5F0 6 KB
3 KB 129ms
129ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3112428283883189&correlator=49719738287594&output=ldjh&impl=fifs&eid=21068813&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_footer%2Cad_footer_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C980x90%7C980x120%7C750x100%7C960x90%7C468x60%7C970x90%7C950x90&cookie=ID%3D3bf6e4e119bcf540%3AT%3D1606923353%3AS%3DALNI_Mb8l43WQfEHmVEzopnamOliU-JGpw&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923356&dt=1606923356103&dlt=1606923355639&idt=445&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1291662414&ucis=5qnycztdmnwv&ifi=1&ifk=3319467962&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fimages%2Fbanners%2FSmiles%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1390782657.1606923354&ga_sid=1606923356&ga_hid=523338829&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

79635cdac8c6cb4b980286f9e79808b9ef3144185fbc8f72bf8b639f23ce30b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3154
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240973907
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E5F0 0
0 61ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B15B 16 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5F6 0
22 B 41ms
41ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEEAOQvsnj-KHTisDOXCegLBbuBCYoI6HvMiDbAtHPSZydh8oDRsb0R0CwBh0miR9NBV4LyOxJKe4yQwqUew-_OYwmmLk64JX_SDch9ESTJmARY_A6pSJJsbfyLxcebcupXHoJSIX_m_cv9E6K-GEYYBSOEKK7sXefSBqJu84iWcFuoPUIax8asqs976KHZQE2SanUB9cyj988yTnWda_oxKK3yChn3nDK6pGTf4egx1RtxqNR08HfWldPagNxJwClDHD9jrhG84wyyMKF30AUlApP7c_Dk8MswePE9xCTxFNKgV7uNS0oow61Qo7byh06NL3t0A&sig=Cg0ArKJSzNzVQLd98VnQEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B21 9 KB
7 KB 21ms
20ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11dee26cfd14a1898c831c35196794b9ba75363fbbf5acf40270bacb57a4c332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6772
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B21 16 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A724 0
0 38ms
37ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXXjabqt_fTk_HhximMJDOZoZD29S7-f8AD15n1ANdFuoilnjQGKlKfCy8UwqF5Dj99njOeMsfm-XMYFK0TsQu0SNPEc9ZHDLJflSdffxmoOguhT56l7qQegXpPghZiK6qNlToulCaO7a8Aa319YVZfB8YVc4R314NY0O4-4rAXb430lByHzA0eCVGCmwQfb1cdb1L7Y_Q8VTMrRhnQarLNRYvaDOrbK-KJPbMZcsmO6kr6DnPb0k5BJe3G2DJds0jRSVu8YboSrgS9MbipgmeRMhrF4Qk5FckJIjQc2I&sig=Cg0ArKJSzK78y6MVnVzCEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A724 75 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5F0 73 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5F0 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72ef8fc0e7c6ef5023d61b4e03168d1e5ba4d82f0a8d57ee2d68f9b2a0fa2ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6399
x-xss-protection: 0

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame A974 6 KB
2 KB 294ms
94ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: e1f6ea9655273a4004c50ca9ef91f4e5a0614b07e169c903e257b2366519db9e

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:56 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16dd-iTvPZNyUrWAK1eheexevz16HS8Y"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3A52 0
0 24ms
23ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:19:04 GMT
expires: Thu, 02 Dec 2021 15:19:04 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1012
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5F0 16 KB
6 KB 67ms
40ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:35:56 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame FD7C 0
0 23ms
14ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:19:04 GMT
expires: Thu, 02 Dec 2021 15:19:04 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1012
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A724 0
22 B 41ms
41ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2DkapSyBuCcu6TwQZ6u3z_a4RDvUNp-SdWsi5x0GLg87lm8gfZX_cmfkDqacvEqpdCKHilDRzo_a9qscom1ScAInJB5-l-zk6K1bX6I2VShlRwgGPGk9gwaF-XeKNoBRQ7AHRmoPiw2VAzlBQvK8fNx5-R99w_FYo9ofYIOYiOzWUUaMRNOiVWDh1P-TtV8UpMbWheV0D-EnQgGPOJAmtWREJD3vApfq3JezU6lkxLYhxplu-hENn7PsYxZQPLXRvCDH_HiltZ_MuhOeHr5MMJ47HbaiJEpDyO53jdENzkQ&sig=Cg0ArKJSzBOjtHJPV8HSEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:35:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame BAAF 6 KB
2 KB 244ms
94ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 33c0d02e3a7b7a00e95861d39e12c40af3336027300a562262f0d31ea6ce4b7e

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:56 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16dd-4Rl/3A369o7jd+Egv0WGJQ3tOGQ"

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame A724 52 KB
20 KB 30ms
27ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 14:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2830
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20658
x-xss-protection: 0
server: cafe
etag: 3049979879964453995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:48:46 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 307A 0
0 8ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/images/banners/Smiles/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/images/banners/Smiles/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:19:04 GMT
expires: Thu, 02 Dec 2021 15:19:04 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1012
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame F562 6 KB
2 KB 189ms
102ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 361addb991117664a7a3855821c9fdd73f45bd7c2e3b6d74fc6dbccad3d98ce7

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:35:56 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16dd-HVBf5sRgD3SNFVh6K/Kn1HAOOGI"

POST
H2 204 csi
csi.gstatic.com/ Frame A724 0
45 B 294ms
293ms Other
image/gif 2404:6800:4005:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ki7kodfk&chm=1&ctx=2&qqid=CNLly_7Pr-0CFclO4AodwbwChA&met.4=fb.2~lb.36~ol.38~idt.3a~dt.-93&met.3=197.34~123.33_2~117.36~298.36~116.36_2~118.4y_1~118.51_2~118.54~118.5b~143.6g_1~118.6j~113.6r_6~112.6q_8~118.6y&met.1=1.ki7kod8u~14.0~15.0~16.0~17.0~18.0~19.0~20.36~21.38&met.7=CCIQBBgBIAMoAzADaANwKXgWsAEBuAED~CCoQChgBIAMoAzBCOD8~CCIQBhgBIHMoczCeATgqaHRwnQF4FrABAbgBAw~CCgQChgBILQBKLQBMNQBOCBotwFw0wF40aIBgAGyoQGIAdeiA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:804::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame A974 43 B
853 B 347ms
314ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIzNzQ1OWQwZTEzZTgzMTdmOTBlZWFlODg4YTU0YTEyOCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoicmVxdWVzdCJ9.HB1C8e1v-IARtNY3flqzHQn7wRX-IJfqAD_2m2xHF0M
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a27c00002c52c60d5000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zAw6sikr9dn2qX0Yj2pbFZtyv3P3KyJrshQ7%2Ba8qtI5OOyTG7U3A1eFKWa3GlyzxWrdcnLr092OseEJHSmK10LD5hUj3D5Re83t6RTsesJhJZYtN%2BP4gdga9kCyKgRqPAAo4lImx1MQ%2B3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee3fabf2c52-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame A974 43 B
541 B 314ms
301ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIzNzQ1OWQwZTEzZTgzMTdmOTBlZWFlODg4YTU0YTEyOCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoiaW1wcmVzc2lvbiJ9.UhjpGoFfa96iDO2_s7PJt7WcXrywtOp59CahbTFeiy0
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a26a00001782d31dc000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XiTCLG6%2FGGXZ6a0Yps7LAfi4nOWqR0UeRobxY0FCp3BDhsrORjGJAVuDBBc9PZ2Jt9upSuzVLLTyZ0K%2ByhuvwrEa5aU7HFE%2FjpFpyghAsYS8fOSIojk0Zd%2FPchKsbynXgam%2BvQwGNNF9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee3dab01782-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame A974 42 B
738 B 48ms
10ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 15:35:56 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame BAAF 43 B
355 B 314ms
313ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiI3OTRjNjE3ZmI3M2ZjNzMxY2UwYTk5YmJmN2VlYjQ1NSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoicmVxdWVzdCJ9.dcCWJ3yh0teTDD5G-3otCwq-nJ_bnFBCPueMBj_TIuo
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a2b800002c527ca06000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jp%2BKPiyCNMeSNtSQ4Yv6j85SO%2Bm%2FdnuLG2Q%2BDcqZ34x%2F1Dzs7jZTiA1VQWkfxgknZrHkh6Bn8v8YvIB0Q2b%2FoQ9ZsixzBbOp1zK%2BiUprSmZzA%2FcrZpLlwm921ZxxuwLLB1i%2F6HXCyw5iYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee45bb42c52-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame BAAF 42 B
737 B 9ms
8ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 15:35:56 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame BAAF 43 B
354 B 299ms
298ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiI3OTRjNjE3ZmI3M2ZjNzMxY2UwYTk5YmJmN2VlYjQ1NSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoiaW1wcmVzc2lvbiJ9.0LWFWmbRPUWM7yTw4sdjGJhBPuyf-i7MIVFryKRMV8g
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a2ba0000178266341000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xEtLEFRor3QEzBFXmSnDkHyzsgef%2FYsaMvJkILi99N7jjPqzPBv3%2BG2A7a5f0K7FKjOcAL4BV6LZ0R7QWv25s3FEUh%2BUZ%2FwA9t3HbcnmhlhjdxgujQN%2F3HW0woMT4q%2FMwCykLwR%2FxncSAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee45bd51782-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame F562 43 B
344 B 283ms
281ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJiMWYxN2Q1OWRhNTdkZjg3YWNmMzc1OWIwZjQyMmRiNSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoicmVxdWVzdCJ9.ExsY7wo14B68Wlb2BZ1MN924iQ-1RwifnEOTxJGsc-8
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a2f300002c527ca0c000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kt%2BEKNT8bieKQPjLJLWZZytOfp06P9Q0hnfxQu%2BRMR2jPJzijyFuv3B84Y8rLx3AhJWQbvVGtvkuJFzWqAdKI9XpRoY6Gj7Rx1esjQsV8mCTJ1YwiZnouL8courujAoH456SCDriozidjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee4bc962c52-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame F562 42 B
737 B 7ms
6ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:56 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 15:35:56 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame F562 43 B
357 B 287ms
286ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJiMWYxN2Q1OWRhNTdkZjg3YWNmMzc1OWIwZjQyMmRiNSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL2ltYWdlcy9iYW5uZXJzL1NtaWxlcy8iLCJjb3VudHJ5IjoiRnJhbmNlIiwiY2l0eSI6IlBhcmlzIiwic3RhdGUiOiLDjmxlLWRlLUZyYW5jZSIsImxhdGl0dWRlIjoiNDguOTMzNSIsImxvbmdpdHVkZSI6IjIuMzY2MSIsInN0aWQiOiI3MmIwMzk1MGFlNDY4M2I3MzE3MWRiNDYzMjY2NmIwNSIsImV2ZW50IjoiaW1wcmVzc2lvbiJ9.husHRWW5HAesz2LiJAuKVbrtx7FEDOL8d94h6xajx4E
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/images/banners/Smiles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:35:57 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b1a2f100001782fd83a000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FzV6DTKEb%2F58l7EIWZPRIhBJjSIG984CqQTL%2BO12RcdKyBCFFJazKaFPIW0Tl%2BymV7QlVrYKEtCwrVVCcedgHtr%2Fxq%2Bb%2FxGQqj2Mpbf0ggklZj4Y%2FfIj0VM5ytCBwsFiEO%2B%2FgQw89b9o7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb61ee4bc9e1782-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15B 0
46 B 23ms
21ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3917261640619065&bg=!MzClMBDNAAVGySeIRlizxlQcmfrxXwIAAAE5UgAAAEZoAQcKAaIml48mmtYPKh5zmfC77C9E4JjYhuGob6mpJ7LoB0DFKG-VuAZ6gQjNrczJrfngXg5dTSJy6ny-HlygYpey4CnjEn4H0uar0EYvXjaDiVrCdeACHGGiT96X2Is-okEue_WrRlkR1AFIN7Bfr3wa5iPWdrQ6y85-iJzu4LnPlUX7bq0g2HJgOQzB9uHBZWj4hBjeBCgDMdOLODj-7HrXYAO9O_pqMCVd-cpcy6TL8X6swiX598el5CLgr4Y5NfJzUr0b-4wfFqqaTQvLPXJrxN_cVrAq43yEZLD5fZJ7rlfIJPkeNmE90PBjqTXxNaaflS5gbHaQQyRq8puXlqOZ0XBRYPGyLRPbYhuMVhDNmAfcF5r5wyQQPyYYESSocu9mwgMtidjYUktslCGxfYBIeCbH4eewciIWTPiaeLpYSDiiTWKuKvIrRQzn5sjcOjuiqLVi2A2H6U_FyOAsDQPP4rpEgaoXGxvNiBnYoIf5L5QdhjQWv3r0zSVOcPrHwRbjih0Sgjfp9lDn_fJSTdJufoSFgXUnl7Ts-GbfTKHZLfJxOSe0mQHfE_a1MW3BHPQJtAD9OxlwO7f_u38FStr60_sdbuBwtxX0OZbg6kyh89Qf9iAR5cP5yKs3uzJf6AfkX2VySl1eLd0HOIg1VM36S8bg6J5LksWkXZ0J3D_vaJZ2_3T4TN2wDdsWdrZNlleO8wHbpEZUKqUReO-i_YZmz13CQbgR1P9ppOTj0kQyxIiT5TA2fi8MYhqYhQDQPtHMdNKOmmjlfe3dLOpwOOZtFt-YUshHHd8amG38u2xNvtp7xnuVh_6C4-tt3N9nQyxYZY6qLfcgVkcn6mI6jhoX1cMe1ecZ49zjMUwvSWhbz2vKvP1q8PpRb5doKUiKZvvLiFhKV0r5yPAWZDiYlvEwSDjQLNAJdK-wZOE00WXtcilLtu835ZtCUIMnKiqtJisHMzOsgzdyBaCfDgRmlwFWrRKfysiOjUitDPcgLHk6Vi_QIpyuw-EOhqyvby7UOZlBV7ShGtyt8PGEXMLpEG3kyZ8hqQmtXTvWRcyT6iO6pW5V11yNhwyZqPj-b2U_SKcq45WzXwqoTWJFoorYw4mKVCCZi6SmY5e6kuCFgl2akxZCgDY35y-0-qvS5hnA5aX0EenKw541ESIRlyX9-IihjkSqn-cVV5dXbci4cCVfs-pTyZuDcG4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5F0 0
23 B 22ms
21ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3112428283883189&bg=!ZmWlZUXNAAVGySeIRliSc0orXesp2AIAAAEIUgAAAFZoAQcKAMryMZ053JozEEOzotSto-2ZqKgk1b8GpY9BQVu_buFUETJ8i1yPvgiNa3CrOmYoi-RPsmXtWes_aicsLOK-xWwnIUiTd2pyiiaRysuNaZS7mtgwBi0qn22MPKgHgwSbVK2w0A7x2N5OI9gg0Eyv5fVB3QoTGF77LYwImCcAOn3NlUBdVQHBaQqpaVmyE6boxcQzBebh1I7ZMHIOiPQ0rK0iviGLm22t4-28Cz67xWjsO_QsuybNLkGpAbZMxtDr8XzbF63hF30NQEpsmQHf5arxUpnh98ItjrsHFSmKw409kG8kir5L7e1rep7dX2XxP4o9qeV7fa734Ml2s8TBXzW5oDIRIBkqxNEpGSrw1_1iFSoMQKsODQiOJ6JwCNYtsX5rS5Xfg0btHGlXYZjBfHpCkwoESjwT0aFnvnr0xyp6iBnfjmAo5E_MQhCbI3GXe1PdvnBWmOZNJlBUgFH50e-Tp-gI-wxeOQgFnTtHHWYuJZCLWJU9tMldR_Km8zl5V6thSMEwYwtVw_TBKyDd8zER9pv_hUwGrueHCQvYQdC1WLpy35ejW49fDxe4uTJC2hErjVhkBA-zfH7sTapkUtuSepE4wQOBAUBx9gDEq43BEHboR1G8spb2vftq-WtvPCo5Z7sHfWXEy8208lGwsq39MtdnDzhKC-xUHo9DlmpMS3R3Ph1MAIm9DBiqBH2rUTFIBHdPFNkWXfToBJnwUpaHwq3R7iURh0un5_LuPvGtgs8x2JZ4eOon74variWXezCrFRZzYOPIxNij-8JHRjxnAIHMjbfWLNa4umg0aRs9xARR5t9PpjJcM4Vq_094P6YJG88xEmyV56jw2rCL2UfZPj4Kc3Nc7vV6UFQdVHhv-K_WRbBJElwKCNceH-czzFlWpUYRBZC_ElaGpPk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B21 0
23 B 27ms
16ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=1325125863648585&bg=!ISKlIgLNAAUoamvQKFj_PDmpY9pyzQIAAAFrUgAAAFJoAQcKAOSofzfq1s-oMNTap8kA15-Kip2RyIPczWC4GS1y3jCWT-x3ECUmo2Kq6fKF8hou7JeQZzxGanbb9CWwvjQ4pcKZdBbUw7_jsSuknLaNCixGWFg6fI4CdP2_yd4sCxcP1GQeiQNZMMFhQoUVb2VHINu7bHSVs7GhKOvl7LzyRB5icGOozA9fhEKelvwfRSheWJchHlyUT2l4p9wBwF4rABi9TJYbYKix5ugHQ2m8uxvNnBZQ2jz26H2rblNDyNOU_TRyMGrom5VdtLYqc116V2VPFIhfgAb3HSgg29vo8XKf6CeJFeWZAf1fAfG0z9k8h6pJc769CHilC5YLoC6n8BDtGwwHRj5WmIkDmltfYdXjpPr3IvQ8bvAIIgDbfeW2K43NjLXmX4d1HyRb2JaiTMR0qrWj981v-KziAHYhj5zS0kBmbQIaPvVtv5p-5ET5BY6o1m9pTsZpeGcecJ7R6ReOmWSTGkt_ii7_EcNehRQdaQv0ROSwLoEo_iNBQ20plvyCwpdTSzRgVJfFkXNQ8Rwkubrg2OXbDbOku2oW4vspzViTfa41fWKtLA699tKEy9_D_jzn_9tIwXbcxfTTvfAvLa4vG6fF2otoVibYLRZYdLw3dTa2aER9j00RM-DPlxxs5Zx_ggJqZ4ATRisLekHul_F7TJykatxpZkiliuXn4lTV2jsvjVV9wetFEiKqxBZj1wE0DFwvxRwbpJFV5EOJgp8qjEhhDmWIMsTJieRxLH-s9JEFrj_5CEuuXQ7iSpnHNyQvXVv_B7guQTkNzYkSKTRXfgA52jHmXT962eAeUmvpJZKT0JQJvP9h6LaRymLXDUrqPUncWCAToN89rbS8-G-U78kqtLoTs3g95wiX6Eu9BDQ7W_zkw0vSvDZsY-WUxpghXizDKIqIMh_dDiUqHKmNrV3xqIFAlMipkKEv0-4yXn2oU4h-WfXIU8Cyws6a97wJBAzp-f2cafPO-_83__NywQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/images/banners/Smiles/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

371 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portalmanaus24h.com.br/	1970-01-19 15:05:15	Name: __cfduid Value: d8de3737284a0b54da89baa9efc6e02c71606923349

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	(Line 15) Message: Slider => [object Object]
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

83d39d00154562d32d0a45b1f3416c9d.safeframe.googlesyndication.com
91596f85ab6da49e823ac1dee22c135f.safeframe.googlesyndication.com
9c82bb527ae63213806aa97d8c016bf5.safeframe.googlesyndication.com
ads.simpleads.com.br
adservice.google.com
adservice.google.de
adservice.google.fr
ajax.cloudflare.com
ams.creativecdn.com
c.mgid.com
cdn.mgid.com
cdn.simpleads.com.br
ced-ns.sascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
connect.facebook.net
creativecdn.com
creatives.sascdn.com
csi.gstatic.com
d.liquidadserver.com.br
delivery.liquidadserver.com.br
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
lqdads-7405.kxcdn.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
portalmanaus24h.com.br
pre.glotgrx.com
pro.ip-api.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
sync.smartadserver.com
tpc.googlesyndication.com
tracker.liquidadserver.com.br
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.16.199.73
104.16.200.58
104.19.135.78
104.19.217.61
157.245.136.40
172.217.18.2
184.30.212.16
185.184.8.30
185.86.138.144
199.187.193.130
2.19.34.195
216.58.206.2
2404:6800:4005:804::2003
2606:4700:3030::6812:3ff4
2606:4700:3033::6812:3ef4
2606:4700:3033::681c:1def
2606:4700::6810:3f36
2606:4700::6810:a823
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
2a00:1450:4001:825::2002
2a02:26f0:6c00::210:ba1a
2a03:2880:f01c:8012:face:b00c:0:3
2a0b:4d07:101::1
35.158.172.137
35.212.212.222
51.77.64.70
51.89.9.251
52.17.171.52
65.9.68.126
68.232.35.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258
11dee26cfd14a1898c831c35196794b9ba75363fbbf5acf40270bacb57a4c332
13017fbdfa3b0ad91b5afbd537b31a95b3b94f1828f7d58161ab6ae80837b1bf
139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69
18a75ac388615ee4a4fa7f57e3b818de3bdaba6d43abcb01bcfa909494d9bfb5
21906f4f635a0b8968a9087c803b2714e7ed2ed818ce61276b4fab8da3f1b82d
2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478
2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543
2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591
2d1b58328ec54739787facc52cd5ececaf5062c05e1ac56e8249b85d121317d9
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33c0d02e3a7b7a00e95861d39e12c40af3336027300a562262f0d31ea6ce4b7e
361addb991117664a7a3855821c9fdd73f45bd7c2e3b6d74fc6dbccad3d98ce7
37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32
411b05f1084e53ee5fd0b5f9013deca198cdbcb043895c3e8ee76463edf4b5aa
447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6
45e223c7b0bbeb7daf57b0dd63044080eab8b993af2644dfaae04204d21821e3
47dfaa9450acf1a146385f5e74528c304c823ee1e41c7aec8b947c523d11cf58
4f1ff770ee94af9e8f67024dc47152e273cd1e7a087424a6276c80893521adcf
511ac19a268dc2f8389832cd65011820e2acaf6b5bb4301d3965423f82d62c23
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61
6d630367a19a8d846c033feec64b4f351b3aa365e3cee3ef058b008f6e46ffda
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6f96f545c5578e53167400f8e466da0109fccbc9efecdc9e5dc6004765a8f323
6fa5aaac0b16af7acb39443b2d6991db21c3691230835181dc66ee2010e29e50
72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f
72ef8fc0e7c6ef5023d61b4e03168d1e5ba4d82f0a8d57ee2d68f9b2a0fa2ec2
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
79635cdac8c6cb4b980286f9e79808b9ef3144185fbc8f72bf8b639f23ce30b7
84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
89ce463f1cab479d58319e9d4e3ce864a8351155e893b21a2f2eb97e5b296f1b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b814a0e6838c13703ff30b18c890ed768ccd67432553ff953d83b3d589db73
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b18ad37f9a3ede082154d3a0f80e096ac44f72407b07c2530a9cbe20b52d0253
b65b833e4d2a06fe3e13a7e1bd545a0996692295c84963c1e2dbc579fd128005
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b99fe9d7d8caaba3f9300dd5fd5d7d9f9ea9d0a17b801a0ea802e169d6550b9a
bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07
bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3
caba80ceef27c670532ed625070172d0e9deb6affb63de928df8b8541ff4129a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
e1f6ea9655273a4004c50ca9ef91f4e5a0614b07e169c903e257b2366519db9e
e23cd607c06073b14edf3d9798b4b9945582bcaa9ea13c4b298a044c1ccc5db4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845
e9da952f400368764a583af6e3c6583fedfff01ec083111c8df58fbd9da7aec4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b
f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e
f31238f6176fb461d8ded325b2c56a1410f86c5dd0b6d60a1c1f31d2ec297ca2
f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e
f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4
fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658
fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238
fe9ee1a91d99db395e98628e316dc5da7ed699134fa64b7e88ea8dba0d35e522

portalmanaus24h.com.br Open in urlscan Pro 2606:4700:3033::681c:1def Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

173 Requests

100 %HTTPS

56 %IPv6

33 Domains

51 Subdomains

37 IPs

10 Countries

1884 kBTransfer

5691 kBSize

1 Cookies

8 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3033::681c:1def Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

100 %
HTTPS

56 %
IPv6

33
Domains

51
Subdomains

37
IPs

10
Countries

1884 kB
Transfer

5691 kB
Size

1
Cookies

173 HTTP transactions
4 data transactions