portalsaude.meiahora.info/tb12/prop/pop5/
172.67.135.173301 Moved Permanently 0 B URL HTTP/1.1 portalsaude.meiahora.info/tb12/prop/pop5/
IP 172.67.135.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tb12/prop/pop5/ HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 21:53:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 22:53:59 GMT
Location: https://portalsaude.meiahora.info/tb12/prop/pop5/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcuq31tiQ0J5g%2BqT1GcnKjDVdUgbnaNSX0UhSAnQ80ShrMBcbddwVoYMsmFo0nnD1H2xCVFp%2BkYCfe3hqK4RCDXxqu8OQJV8ybi3WJH55IBzLkTMQNc%2F%2B6inYAplhZM1%2FIAUKWtph0zpzBtT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7705dc2d3bfab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8277
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 21:54:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3346
Cache-Control: max-age=135174
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:26:54 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:19:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2084
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 21:54:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +pjkQCuK+5scuQEk/+TzN35RJ6icKNbu7Sa0BR/55GoT2jyy8V0QZBwqcTMwXfyxbdtmw508Ng4=
x-amz-request-id: 7NXRCXR18XNSNEDT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:44:23 GMT
age: 577
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 21:54:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 4.4 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash 8848d03159381324dda25db0e418878c
bbe011d623a4fc62370d63855780ce6f509903dd
833931b3010cc1e2cdb49056897066b1b3b51eb294f862937a21870d4a462bbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 852811693f28fc918a21d58579936d6c
c523bd55419a5d7ff20ab0b0098c9067bd30261f
26e988a12874158704424eafa59936bd2cf58a24dcd599277defd2a4a531dc73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153028
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Etag: "63823dbc-116"
Expires: Mon, 28 Nov 2022 16:24:28 GMT
Last-Modified: Sat, 26 Nov 2022 16:24:28 GMT
Server: nginx
Content-Length: 278
portalsaude.meiahora.info/tb12/prop/pop5/
172.67.135.173200 OK 11 kB URL HTTP/2 portalsaude.meiahora.info/tb12/prop/pop5/
IP 172.67.135.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5579)
Hash f13e1a5f6adc576975c3ad5a054684a6
99c951e0500371b8fd28fa79d4a8c15dd84a099e
aba4a2ab78af9b2e8e85ae283b65a2eda3e8b4aa51dbb7135e6dce8626cefeef
GET /tb12/prop/pop5/ HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Nov 2022 21:36:50 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WjdpVemJa1m%2BpieBqf8wlMYIwpaeCobRNqamh9ECELWtseoM%2BpZmv81oBFiE7fGbu9%2Fe%2Bp4jwaT30Oaf48UbM5DZERA%2F8ZAxsbGRC5hclmjkdcsQ77aFBjAjLuFktjXgjfheG3dHUUWu0KU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705dc2f5b02fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 15 kB IP 142.250.74.3:0
Hash 44f4beed373dc8beebcec5c833e9fe76
55745c9e6d05342d57a949f49faa83a5f68bd455
c6b4b2f8d35bfaa4be4b1c3a2f586e2a8f13a0f3aad39b4ffc0aceaa8a50c9bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 852811693f28fc918a21d58579936d6c
c523bd55419a5d7ff20ab0b0098c9067bd30261f
26e988a12874158704424eafa59936bd2cf58a24dcd599277defd2a4a531dc73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=153028
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Etag: "63823dbc-116"
Expires: Mon, 28 Nov 2022 16:24:28 GMT
Last-Modified: Sat, 26 Nov 2022 16:24:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:08:54 GMT
cache-control: public,max-age=3600
age: 2706
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21288, version 1.0\012- data
Hash eab39466c05fbfa06f2d5955c4f0afbc
b0680d4a7e6836048a610116c95198d88377d40c
9a3f8eb676ca0c654a8edea4aacd4a1339340dcd7540335abac4463cc78580a6
GET /s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 19:16:02 GMT
expires: Wed, 22 Nov 2023 19:16:02 GMT
cache-control: public, max-age=31536000
age: 355078
last-modified: Tue, 26 Apr 2022 15:46:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21140, version 1.0\012- data
Hash cbd267bc765067b15567aa3d0d617794
f7dd8c99d6e561c0d29060d95711102d2419cc32
18efe70c0ef13ab8ccac687d4cfd1a56e6acc691ec1bd7f242127e5cc0d6afd2
GET /s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:44:51 GMT
expires: Fri, 24 Nov 2023 05:44:51 GMT
cache-control: public, max-age=31536000
age: 230949
last-modified: Tue, 26 Apr 2022 15:49:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 747 B IP 142.250.74.3:0
Hash a1ec1259b2568c1e8f7cde967137d832
0328b4eab2f29e7c4eec2c31eaaa81a131690462
7e3f6edb38fb62b11e87eef93dff8ad9b5bd03ed96a6aaec27f4060a17776f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4128
Cache-Control: max-age=130898
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:15:39 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0fb98792c1511fa9040c0245625efe74
0390b759ec8d96f922faeb66534d4d119d75d594
ae9fb1cab7fe40da8a5e61a86472afd635ddeb7cded1fa097e9ecd728bcaa5ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 20:20:01 GMT
Expires: Wed, 30 Nov 2022 20:20:00 GMT
Etag: "0390b759ec8d96f922faeb66534d4d119d75d594"
Cache-Control: max-age=339358,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705dc33f92e1bfe-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ
142.250.74.168200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (62437)
Hash b187318ee14471494c5fd9c4244f31fd
70fac7368d8ca5edc13d5230470e634d75c26d7c
4e6f1ffe8a1b48ab365d798ca3863e164039a0220b76684e54faf9f0f2688edf
GET /gtm.js?id=GTM-MDQT4QJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:54:01 GMT
expires: Sat, 26 Nov 2022 21:54:01 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: olQzel1E8znonPL11egQmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YiChfvMJ0m++eDAFPfFHWAihHB4=
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 26 Nov 2022 22:14:01 GMT
Date: Sat, 26 Nov 2022 21:54:01 GMT
Content-Length: 5276
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.8 kB IP 142.250.74.3:0
Hash 0221e6bb03d6bc3b9b377c9d46cd5f5d
3338482e71de343cdd6dc96d927a2c7c97247168
3ff1b9e3dcfd0122c74b0e09fb849cc9023430f88404aa817dc40bc25cd45b1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1669499641297&cv=11&fst=1669499641297&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
142.250.74.162200 OK 44 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1669499641297&cv=11&fst=1669499641297&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1441)
Hash d45d27197bee4eff583504d41cd4a2be
495b07d399573def12e43c8b74103f1739f0a675
faafb434a98d34135fc706189044b35cd5759c12b0bf0191d36ee8719edf41b6
GET /pagead/viewthroughconversion/811775827/?random=1669499641297&cv=11&fst=1669499641297&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 889
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:09:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&ct_cookie_present=1
142.250.74.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&ct_cookie_present=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:09:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
checkout.titanblue12x.com/pixel.php?
104.21.94.163200 OK 737 B URL HTTP/2 checkout.titanblue12x.com/pixel.php?
IP 104.21.94.163:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1x1, components 3\012- data
Hash 30c170707aebe64e7d4368a4ae848c33
4846cee3eadbfb4a01e1e50900e9933f80e36dd8
19ccdb26ce2501629ea935479273b3cbb58bc0109c2305858041b5b7b332cbcf
GET /pixel.php? HTTP/1.1
Host: checkout.titanblue12x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:00 GMT
content-type: image/jpg
last-modified: Sat, 26 Nov 2022 21:33:26 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i9n4TBXvti1VD%2B8RXgd9aZQmXxcyRw7sHi7lSIOTLVWZZNM6qMBKjBJdt0Hxx3RBtdavkOmrFNRtUcbBPkVDutfJkYytZOLzSdS631LEmKc7y5rWz%2Fki4XyRxl%2F2lym%2BUhfcAXXJI4pMzsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7705dc31fc3a0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10849238487/?random=1669499641299&cv=11&fst=1669499641299&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
142.250.74.162200 OK 890 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10849238487/?random=1669499641299&cv=11&fst=1669499641299&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1879), with no line terminators
Hash 8f6d5c5cc0f93547d0336eb6bd39877b
df8e91830049abf89b63055d525943ca15b431f2
ea599dca7d503036812804c465b4bcc446eb563ce8cf28339072e35bf097dd2f
GET /pagead/viewthroughconversion/10849238487/?random=1669499641299&cv=11&fst=1669499641299&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 890
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:09:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1669499641295&cv=11&fst=1669499641295&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
142.250.74.162200 OK 5.8 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1669499641295&cv=11&fst=1669499641295&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (15660)
Hash 1a8a0a04f224fb14250db978de472cd4
8fceb02ca47dfda30d340837c041a090735b5d9a
16d0dd37eee24d68b38b678d3b0f7fab42281adaa64e69508511a0de2aa161a7
GET /pagead/viewthroughconversion/611304047/?random=1669499641295&cv=11&fst=1669499641295&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=438040016.1669499641&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 890
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 22:09:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85c1cf9caf44bef6cb44388506ede3e4
5114a695768daef58137a2b0213bb3bd9eed5f5c
71ca43ce811d5a850dc7e1993fc7bd0af51082b46cb7af8dca23da8d58cf4621
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71CA43CE811D5A850DC7E1993FC7BD0AF51082B46CB7AF8DCA23DA8D58CF4621"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9702
Expires: Sun, 27 Nov 2022 00:35:43 GMT
Date: Sat, 26 Nov 2022 21:54:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vctx?t=74972
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=74972
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=74972 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:01 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2d1779d8c69ca629e2fc110b0eaa3028
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/unip/1484435/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1484435/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58497)
Hash c621e39dbe7e7ad30cc9be17027b7d85
ac29d1eb11be2212b8a4fd157e972e0cd84a92fb
c9ca240e84a6376189894b80ad015d8e6fe7760ed73957b5e70e4ebaef26696b
GET /libtrc/unip/1484435/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7wUtmODUXEV6/2POKN0KEbYlaO1u40y+JNG+OvjpBWD+D73CspSsGHGsuQ3ngQg3VfZnS6HWeOw=
x-amz-request-id: NH2DJZM5H6TY9Q4S
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 11:05:13 GMT
etag: "f4d3caffa4c7097bb3809d46feee22f2"
x-amz-version-id: vWJmUH4AjF_Iy.tbKehvbH3FQJ0ZGufs
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:01 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669499642.579765,VS0,VE101
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
content-length: 17954
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6cc1350d284fd623d47959f0b7818aeb
389428ce7f68146063be83c0df8e80fa8db0036d
f0c765c9153d98d1b3a70ef8c9c255f439d58297161ee8cb40656dbbe0aa42ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114516
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Etag: "6381a74d-116"
Expires: Mon, 28 Nov 2022 05:42:37 GMT
Last-Modified: Sat, 26 Nov 2022 05:42:37 GMT
Server: nginx
Content-Length: 278
unphionetor.com/vbl?t=74972&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=74972&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=74972&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:01 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e9aecd4da6756d07d06c7bd455aac79d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aefb4b0acf552a1d368b1a01556b59ac
3a50a78e2f491cec0165c3421dbc8786a4bc8d94
3c745524b47b3efc5355df20780c448265e960c5112fc143c9cfe3f55ca7733e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aefb4b0acf552a1d368b1a01556b59ac
3a50a78e2f491cec0165c3421dbc8786a4bc8d94
3c745524b47b3efc5355df20780c448265e960c5112fc143c9cfe3f55ca7733e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 39f672405098b3fe73d1acd85c43955f
97461d5c0092c12fc7eb9bc5bb519141ae39be08
0df4d27f6b1e38379e19d6cfc9870a11148e03b68ef5b0f04a63849f8b034097
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146582
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Etag: "6382248f-117"
Expires: Mon, 28 Nov 2022 14:37:03 GMT
Last-Modified: Sat, 26 Nov 2022 14:37:03 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9837c90569db6028114ee4db0d47c7f0
93c4a6ca6089601a6543b75365556aa36af94344
4bebdc9cc0f151906c620eab03fb9a69c1c0e007a724cab8cadf1080c1274469
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Server: ECS (amb/6B79)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aefb4b0acf552a1d368b1a01556b59ac
3a50a78e2f491cec0165c3421dbc8786a4bc8d94
3c745524b47b3efc5355df20780c448265e960c5112fc143c9cfe3f55ca7733e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
topdanet3.blogspot.com/2019/05/tb12-view-content.html&undefined
142.250.74.161404 Not Found 15 kB URL HTTP/2 topdanet3.blogspot.com/2019/05/tb12-view-content.html&undefined
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6565)
Hash db311621ea57978a06079ef69c6c429e
c3efb2e08f1083f450c9c574dcab03c179aa5b00
6b6343acf70dc99b8a3b16269ba784983dc8c66e2f643be8f7e9b70d31b6930e
GET /2019/05/tb12-view-content.html&undefined HTTP/1.1
Host: topdanet3.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 21:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15128
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=5&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=4
142.250.74.84500 Internal Server Error 323 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=5&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=4
IP 142.250.74.84:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c6b760e6b0be68f648b223590f8ceb8e
b50c437fcc7f726d8b057da3187e5d338eba63e4
f08cee021d976570f1fb821c45e384ad464f6bc254a76dbb39855048e2ef3189
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=5&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=4 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 500 Internal Server Error
x-cloud-trace-context: 2fade9cb961179e25c7a175f565dd5b2
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_eu=AAg&_s=8&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=2
142.250.74.84500 Internal Server Error 323 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_eu=AAg&_s=8&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=2
IP 142.250.74.84:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c6b760e6b0be68f648b223590f8ceb8e
b50c437fcc7f726d8b057da3187e5d338eba63e4
f08cee021d976570f1fb821c45e384ad464f6bc254a76dbb39855048e2ef3189
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_eu=AAg&_s=8&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=2 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 500 Internal Server Error
x-cloud-trace-context: 797490879cb4d6d2fcaf3aec534b3b33
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=7&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=scroll&epn.percent_scrolled=90&_et=16
142.250.74.84500 Internal Server Error 323 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=7&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=scroll&epn.percent_scrolled=90&_et=16
IP 142.250.74.84:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c6b760e6b0be68f648b223590f8ceb8e
b50c437fcc7f726d8b057da3187e5d338eba63e4
f08cee021d976570f1fb821c45e384ad464f6bc254a76dbb39855048e2ef3189
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=Eg&_s=7&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=scroll&epn.percent_scrolled=90&_et=16 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 500 Internal Server Error
x-cloud-trace-context: f484d0c32dff918ce8f0f7edde7add7c
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=2&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=3&richsstsse
142.250.74.84500 Internal Server Error 614 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=2&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=3&richsstsse
IP 142.250.74.84:0
Hash 2552620662341fe2a60cfdd64656c93c
857416e64e98a1e9f1347d8438dd9eb3e9a3ff6f
01ac6cd3f42610807c95908ca1acc819e5886312040ae2ea4ff2a30a2f69e56c
GET /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=2&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_c=1&_et=3&richsstsse HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
x-cloud-trace-context: 21fbefe23375b7b50b75ec1e5c60db3b
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&_gaz=1&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=1&sid=1669499641&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&richsstsse
142.250.74.84500 Internal Server Error 2.2 kB URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&_gaz=1&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=1&sid=1669499641&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&richsstsse
IP 142.250.74.84:0
Hash a84ed3f4b2835d2649c5f158c6bab26a
488cfd23907a44d1f91087126a14989dfc6aab61
48cd6e534a2c628a631c0fa6a89ca8c4818f55b4c8d4399d73e288fd6a5118dd
GET /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&_gaz=1&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_uc=NO&_eu=Eg&_s=1&sid=1669499641&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&richsstsse HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
x-cloud-trace-context: a444d05ff1030002399d1f7f9e2e212b
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=3&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=4&richsstsse
142.250.74.84500 Internal Server Error 323 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=3&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=4&richsstsse
IP 142.250.74.84:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c6b760e6b0be68f648b223590f8ceb8e
b50c437fcc7f726d8b057da3187e5d338eba63e4
f08cee021d976570f1fb821c45e384ad464f6bc254a76dbb39855048e2ef3189
GET /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=3&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=4&richsstsse HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
x-cloud-trace-context: 31382fcb6c71ee78450551a1f360c942
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=74972
139.45.197.240200 OK 2.5 kB URL HTTP/2 propeller-tracking.com/fv.js?t=74972
IP 139.45.197.240:0
Hash 28788ba1b39ce8d460bc60d732243253
e5673d5a38cf3429db4fe94e5757930c249fd548
cd0e60de3e811f93a67c1332cbde85ea6f9eb1fe63999fda6feacfea4caa50f4
GET /fv.js?t=74972 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6514dfd92d96cbc099847318e1fe7b9a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=4&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=5&richsstsse
142.250.74.84500 Internal Server Error 323 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=4&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=5&richsstsse
IP 142.250.74.84:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c6b760e6b0be68f648b223590f8ceb8e
b50c437fcc7f726d8b057da3187e5d338eba63e4
f08cee021d976570f1fb821c45e384ad464f6bc254a76dbb39855048e2ef3189
GET /g/collect?v=2&tid=G-HH1GNL894H>m=2oeb90&_p=1727690771&cid=1505421569.1669499642&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_uc=NO&_eu=AAg&_s=4&sid=1669499641&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&en=TITAN_VIEW&_c=1&_et=5&richsstsse HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
x-cloud-trace-context: bd70a4f79e95fcde59e9da7b9a8a6444
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
server: Google Frontend
content-length: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 39f672405098b3fe73d1acd85c43955f
97461d5c0092c12fc7eb9bc5bb519141ae39be08
0df4d27f6b1e38379e19d6cfc9870a11148e03b68ef5b0f04a63849f8b034097
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Server: ECS (amb/6BAE)
Content-Length: 279
resources.blogblog.com/blogblog/data/res/3311276799-indie_compiled.js
142.250.74.105200 OK 47 kB URL HTTP/2 resources.blogblog.com/blogblog/data/res/3311276799-indie_compiled.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1535)
Hash 86d0aad32713640aa4d2e424e27970fe
4c88bc29b3fffa6e4a83c4919fc313c86526c506
c8284a3e3b30fea7bcd94cad17349dfa579575eace1987ec50a21417c5a8c5e3
GET /blogblog/data/res/3311276799-indie_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 16:36:48 GMT
expires: Tue, 29 Nov 2022 16:36:48 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 11:51:12 GMT
content-type: text/javascript
age: 364634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 453119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9837c90569db6028114ee4db0d47c7f0
93c4a6ca6089601a6543b75365556aa36af94344
4bebdc9cc0f151906c620eab03fb9a69c1c0e007a724cab8cadf1080c1274469
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106258
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Etag: "6381870c-117"
Expires: Mon, 28 Nov 2022 03:25:00 GMT
Last-Modified: Sat, 26 Nov 2022 03:25:00 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6731e173509e88a3e93dba3270335967
a697dee133d523024f20069578ecd743627aa24d
cccdda1e435c8739e422880524493fd444bd9d6e8ecd35cd1ec638b175ae0c86
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 21:54:02 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WqQjVAH0c4KTHZZo5ldLaQYjZHQ2fR-LFVV6fgU7WKKToAaGW97u6A==
app.monetizze.com.br/r/AVE11623520/?u=UR51634&undefined
23.36.79.24301 Moved Permanently 0 B URL HTTP/1.1 app.monetizze.com.br/r/AVE11623520/?u=UR51634&undefined
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/AVE11623520/?u=UR51634&undefined HTTP/1.1
Host: app.monetizze.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 0
Server: Apache
Location: https://thoraviril.blogspot.com/2020/11/titan-whitepage.html?mcr=AVE11623520
Access-Control-Allow-Origin: *
Expires: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 26 Nov 2022 21:54:02 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=e9pjbnthpr5t85eir2mpv2u824; path=/; HttpOnly
mon_=%7B%22BmChWv2G%22%3A%22A0GyLHKllTEY%2BQ%3D%3D%22%7D; expires=Thu, 10-Sep-2296 21:54:02 GMT; path=/; samesite=none; domain=app.monetizze.com.br; secure; httponly
_fbp=fb.1.1669499642.4652864249; expires=Fri, 24-Feb-2023 21:54:02 GMT; path=/; domain=app.monetizze.com.br; httponly
msc_last=eyJjb29raWUiOiJBMEd5TEhLbGxURVkrUT09IiwiZGF0YV90aW1lc3RhbXAiOiJCbVZYMFc3WlVxdmorZWUwVFE9PSIsImFmaWxpYWRvIjoiQm1GdEg5ZnMifQ%3D%3D; expires=Sun, 26-Nov-2023 21:54:02 GMT; path=/; domain=app.monetizze.com.br; httponly
ak_bmsc=618C1EC31AFF3D8B079034A66576B3BE~000000000000000000000000000000~YAAQFE8kF4qQXIWEAQAAT+HutRGsEZEKYZJU6LGI0p6YON2oHn4NnvYDt5uZX24DStljB06hzlwW/FG3yN0qt98OGKvRFNDzUXl3dywWfpqSl+W2pjjml8EB+MdKJDiyFE8HEEhg4nyxB6TJtugDQgjn4vrBCQVO7V2ByJHJoF3y6S3Tx+SHUc9OYz6t29DmtQQz2tWqyIpS/EO8BAAU+ErU6bUslVadA4Vsot0cYexEowa+SoMHFBxEVD0SK1DAdyWGgPW73OIh1erkDMHwB4TkTWhIWX8V280Ainy8xmluVaho+AyHl/6IszZhB8aX21smiWIhKouaJNk03REtsGjm13U5EVNWknOWKgX5ridXNgGH7sHwGBfbs2+5GCaYogrf5Yo=; Domain=.monetizze.com.br; Path=/; Expires=Sat, 26 Nov 2022 23:54:01 GMT; Max-Age=7199; HttpOnly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6cc1350d284fd623d47959f0b7818aeb
389428ce7f68146063be83c0df8e80fa8db0036d
f0c765c9153d98d1b3a70ef8c9c255f439d58297161ee8cb40656dbbe0aa42ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=114516
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Etag: "6381a74d-116"
Expires: Mon, 28 Nov 2022 05:42:38 GMT
Last-Modified: Sat, 26 Nov 2022 05:42:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
142.250.74.163200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:54:02 GMT
expires: Sat, 26 Nov 2022 21:54:02 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109
142.250.74.98200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash 0c11a8ee737a2466dad0037217566322
f10e6af0ba7e01eae740010be4864beb04832796
518f02e22bb155280dd957211af4e97bf2df10e08b894a0219dd028bf530bed5
GET /pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topdanet3.blogspot.com
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:54:02 GMT
expires: Sat, 26 Nov 2022 21:54:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13138157583288909175
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash ae39a7f4c614ca8e31b69798a3e5442b
e394f4d095a2a3b961d949f333038969c26bc67b
09adb42be1df0efa288e7df2f83fc9820c0e2f8ba5f943b0ba712b5738eea520
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:54:02 GMT
expires: Sat, 26 Nov 2022 21:54:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2874661611057160628
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
homemviril.maispopulares.com.br/tools/tracker_native.php?var1=testevar&var2=0&var3=BRL
104.21.53.104200 OK 472 B URL HTTP/2 homemviril.maispopulares.com.br/tools/tracker_native.php?var1=testevar&var2=0&var3=BRL
IP 104.21.53.104:0
Hash dbc2a6e97e1a78efbdee1d06a23b6419
ed1530cae0888091dffab62856bb1020c2d658b5
3c407edf88e9097d9494cd3bab6b83e45cb5aa20101b344ea5c199050e97f0fa
GET /tools/tracker_native.php?var1=testevar&var2=0&var3=BRL HTTP/1.1
Host: homemviril.maispopulares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enPlYGLHe5sR8YeR6Rj8h3Bwpj6B915qYsOEgzwVNJKNRROy9axrYEO7HidJVS1E06OHpDWB7RsMJenJHDx%2BKY6idFeZYnVcNZex8SWmycoAHz3jP%2FDsB661bDhBeceQ7ntwZWLYqde4CJxBwezVuCtj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705dc397eea0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1669499641291&cv=11&fst=1669499641291&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=OQnUCNHTvdkBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 20:41:08 GMT
expires: Sat, 26 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 4374
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/811775827/?random=1669499641297&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2875137705&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/811775827/?random=1669499641297&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2875137705&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/811775827/?random=1669499641297&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2875137705&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1669499641333&cv=11&fst=1669499641333&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=438040016.1669499641&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10849238487/?random=1669499641299&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=3185932671&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10849238487/?random=1669499641299&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=3185932671&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10849238487/?random=1669499641299&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=3185932671&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1&z=368900508
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1&z=368900508
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1&z=368900508 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/611304047/?random=1669499641295&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2485331163&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/611304047/?random=1669499641295&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2485331163&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/611304047/?random=1669499641295&cv=11&fst=1669496400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=2485331163&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1
142.250.150.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1
IP 142.250.150.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H&cid=1505421569.1669499642>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1727690771&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&ul=en-us&de=UTF-8&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=1951179437&gjid=1036036418&cid=1505421569.1669499642&tid=UA-134148284-2&_gid=893006138.1669499642&_r=1>m=2oub90&z=1973755538
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1727690771&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&ul=en-us&de=UTF-8&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=1951179437&gjid=1036036418&cid=1505421569.1669499642&tid=UA-134148284-2&_gid=893006138.1669499642&_r=1>m=2oub90&z=1973755538
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1727690771&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&ul=en-us&de=UTF-8&dt=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=1951179437&gjid=1036036418&cid=1505421569.1669499642&tid=UA-134148284-2&_gid=893006138.1669499642&_r=1>m=2oub90&z=1973755538 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://portalsaude.meiahora.info
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-134148284-2&cid=1505421569.1669499642&jid=1951179437&gjid=1036036418&_gid=893006138.1669499642&_u=YCDACUAABAAAACAAI~&z=40342843
142.250.150.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-134148284-2&cid=1505421569.1669499642&jid=1951179437&gjid=1036036418&_gid=893006138.1669499642&_u=YCDACUAABAAAACAAI~&z=40342843
IP 142.250.150.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-134148284-2&cid=1505421569.1669499642&jid=1951179437&gjid=1036036418&_gid=893006138.1669499642&_u=YCDACUAABAAAACAAI~&z=40342843 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://portalsaude.meiahora.info
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 21:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/1484435/log/3/unip?en=view_content&tim=1669499641698&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=652&ssd=1&scd=93
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1484435/log/3/unip?en=view_content&tim=1669499641698&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=652&ssd=1&scd=93
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484435/log/3/unip?en=view_content&tim=1669499641698&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=652&ssd=1&scd=93 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.533860,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:54:02 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=topdanet3.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=topdanet3.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=topdanet3.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 21:54:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:54:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17792
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:54:02 GMT
Connection: keep-alive
adservice.google.com/adsid/integrator.js?domain=topdanet3.blogspot.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=topdanet3.blogspot.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=topdanet3.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 21:54:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0996180877285506&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0996180877285506&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0996180877285506&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: a7c7c97fe13a4690c5b40b4bf33eb8fc
content-encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zPOAhjKprWtHo_A2Fng2sgvXdbj3rF0BUkw7vCY1_gTPDebH62yTxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:43:36 GMT
age: 626
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 84053
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=09764003365120781&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=09764003365120781&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=09764003365120781&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 93d22236cf8ed25d6de342f81884d0e0
content-encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:46:31 GMT
age: 451
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 52836
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 86097
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 60574
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0909115465603503&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0909115465603503&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=0909115465603503&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 867c2e41b370d476c28ebf2b42dee826
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=009879437968937188&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=009879437968937188&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=009879437968937188&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 55ed0c9dfcfe60ec1436ae401cd16032
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=pageview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011972908095547186&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=pageview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011972908095547186&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=pageview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011972908095547186&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 92a3fff151eb7991bb4cdf0bd7a04ba5
content-encoding: gzip
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.238.53200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8fceb15c2864c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+oqCYwAAAABOM7bJPEaiQrxnnNWjJxvEQ1BIMzBFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 26 Nov 2022 21:54:02 GMT
X-Firefox-Spdy: h2
trc.taboola.com/1491668/log/3/unip?en=view_content&tim=1669499641699&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=871&ssd=1&scd=93
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1491668/log/3/unip?en=view_content&tim=1669499641699&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=871&ssd=1&scd=93
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491668/log/3/unip?en=view_content&tim=1669499641699&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=871&ssd=1&scd=93 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.676314,VS0,VE90
x-vcl-time-ms: 90
X-Firefox-Spdy: h2
loja.greenlime.xyz/titanblue-preco/
104.21.4.190403 Forbidden 1.2 kB URL HTTP/2 loja.greenlime.xyz/titanblue-preco/
IP 104.21.4.190:0
File type ASCII text, with very long lines (1626)
Hash 3f8dd611114b5b906565935bed69f4e8
bdee765bc31bd90751a789418d9062155f41dd8c
73255f2118fdcdd642fe5911ce4fb1e26a4fdb8cce28b496c5a824d4e2bf387b
GET /titanblue-preco/ HTTP/1.1
Host: loja.greenlime.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 26 Nov 2022 21:54:01 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqZzVJv%2BaJSiMHCm2iaPL6ki3fS6n3cFfhKWb0RBzC7GYVdN2g01gWGV6aJVeVClQT5hkepI2LlbyZAFWQwakaG3uihJcLQ%2FXeAvdRgS%2F5PTU5LhvQO6dRbpGHdzbfF5fiwYLCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705dc397f1cfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1491671/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=882&ssd=1&scd=93
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1491671/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=882&ssd=1&scd=93
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491671/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=882&ssd=1&scd=93 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.691635,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TBview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=044035205330714255&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TBview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=044035205330714255&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=TBview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=044035205330714255&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: b217108132ffdd0959826016c7961b8e
content-encoding: gzip
trc.taboola.com/1491669/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=884&ssd=1&scd=93
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1491669/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=884&ssd=1&scd=93
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491669/log/3/unip?en=view_content&tim=1669499641700&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&tos=884&ssd=1&scd=93 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.700972,VS0,VE87
x-vcl-time-ms: 87
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=Content-view&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011619475802632939&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=Content-view&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011619475802632939&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4&apiObjVersion=1.1&obtpVersion=2.0.4&name=Content-view&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=011619475802632939&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: f25febaf51dd78a3bb8eb1ef2a9a7250
content-encoding: gzip
trc.taboola.com/1484442/trc/3/json?tim=1669499642335&data=%7B%22id%22%3A514%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1484442/trc/3/json?tim=1669499642335&data=%7B%22id%22%3A514%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (2398), with no line terminators
Hash 9d3e6611a0a37c5282799200a88401e5
49001aa0104ec0f5ce89d3b96fc1ecbf04859548
a2a70ad2eec329e41361418b3e090ad79dd12ded9463f8ad56bb9d68251efc37
GET /1484442/trc/3/json?tim=1669499642335&data=%7B%22id%22%3A514%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641698%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.534423,VS0,VE105
vary: Accept-Encoding
x-vcl-time-ms: 105
X-Firefox-Spdy: h2
trc.taboola.com/1491669/trc/3/json?tim=1669499642343&data=%7B%22id%22%3A13%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1491669/trc/3/json?tim=1669499642343&data=%7B%22id%22%3A13%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (2356), with no line terminators
Hash b4974a2a5587daf74ebd0960cd546cca
29594154e41d9d7ed2ca41efba8e86ef365c1434
1b7097ebb4b1d7d9b6693ded7eb95ed63becec2f0022b7423be154f20b7d6037
GET /1491669/trc/3/json?tim=1669499642343&data=%7B%22id%22%3A13%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.535135,VS0,VE105
vary: Accept-Encoding
x-vcl-time-ms: 105
X-Firefox-Spdy: h2
www.clarity.ms/tag/9obhjgx0my?ref=gtm2
13.107.238.53200 OK 8.3 kB URL HTTP/2 www.clarity.ms/tag/9obhjgx0my?ref=gtm2
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 214c6aca8dad64703d5e2f5f6ef3cfc2
57d25456611b1007645299522d894dbfe710d8cc
bf71241832ad0cf4a1298e9e80cbd0f62e0fb469145d47baf1fcdff4ee8dca22
GET /tag/9obhjgx0my?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b3ddef1d67a649f699cf3b4923d3a956.20221126.20231126; expires=Sun, 26 Nov 2023 21:54:02 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+oqCYwAAAAAQS8rOQAHVR7Y8hAhaJXVVQ1BIMzBFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 26 Nov 2022 21:54:02 GMT
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=019339413333579136&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=019339413333579136&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=019339413333579136&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: d24608fb8a2c1c4a6453047bab5b65fe
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=08637051876313862&referrer=
64.202.112.159200 OK 7.7 kB URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=08637051876313862&referrer=
IP 64.202.112.159:0
Hash 4a64bde209718c7897dc38aa04b9e312
ab8e77f80a8a58132c20306f99449f0fbad04f98
e2751c0224b2b222395eeedcf593d6b578b08077bbd6602e0d2bd16956f6cf80
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=08637051876313862&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 2092463a8e80607b14171b62e0b32ed3
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=01055908083240168&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=01055908083240168&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d7f59d941021185750ada220afe38bbb,007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&apiObjVersion=1.1&obtpVersion=2.0.4&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F&optOut=false&bust=01055908083240168&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:02 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 80e394c3bfb1f4f29e67ab04facb5270
content-encoding: gzip
c.bing.com/c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&RedC=c.clarity.ms&MXFR=2632A3DA9BE36FE83407B1B29FE36195
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&RedC=c.clarity.ms&MXFR=2632A3DA9BE36FE83407B1B29FE36195
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&RedC=c.clarity.ms&MXFR=2632A3DA9BE36FE83407B1B29FE36195 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&MUID=0866344D65096D9F25312625645E6C5F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0866344D65096D9F25312625645E6C5F; domain=c.bing.com; expires=Thu, 21-Dec-2023 21:54:02 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2F5C1807E76463380128174FBED73D5 Ref B: OSL30EDGE0416 Ref C: 2022-11-26T21:54:02Z
date: Sat, 26 Nov 2022 21:54:02 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&MUID=0866344D65096D9F25312625645E6C5F
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&MUID=0866344D65096D9F25312625645E6C5F
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=6AB7DB8C5F844A9EA4B4A174BC19CCBA&MUID=0866344D65096D9F25312625645E6C5F HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 26-Nov-2022 22:04:02 GMT; path=/; SameSite=None; Secure;
date: Sat, 26 Nov 2022 21:54:02 GMT
content-length: 42
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 26 Nov 2022 21:54:02 GMT
expires: Sat, 26 Nov 2022 21:54:02 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topdanet3.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 351807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/1491668/trc/3/json?tim=1669499642340&data=%7B%22id%22%3A839%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.5 kB URL HTTP/2 trc.taboola.com/1491668/trc/3/json?tim=1669499642340&data=%7B%22id%22%3A839%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash de2a98c61db90eb6afa53d0675aa2169
18e38e549c51a231616d4bd879e2e5010c146d7b
97922b8eab39074036a7966a06d21c8e3980c1d7cef630ae8a485368fd433c97
GET /1491668/trc/3/json?tim=1669499642340&data=%7B%22id%22%3A839%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.534920,VS0,VE103
vary: Accept-Encoding
x-vcl-time-ms: 103
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/appmax_finger_security@1.14.0
151.101.85.229200 OK 5.7 kB URL HTTP/2 cdn.jsdelivr.net/npm/appmax_finger_security@1.14.0
IP 151.101.85.229:0
File type ASCII text, with very long lines (15741)
Hash 0413caff67df4bd280856684cc793a19
455edf405a2c37bdaf74fe9c7b44af36b1626efe
0edfaf3558dcb83139030422fe0f8ddf44976c07da68b9862628985b3e47b412
GET /npm/appmax_finger_security@1.14.0 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.0
x-jsd-version-type: version
etag: W/"3fa7-M3rULXHq+8US1S4zupn/8OvvClA"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:03 GMT
age: 2200400
x-served-by: cache-fra-eddf8230126-FRA, cache-bma1654-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5705
X-Firefox-Spdy: h2
trc.taboola.com/1491671/trc/3/json?tim=1669499642345&data=%7B%22id%22%3A273%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641700%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A18%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 2.9 kB URL HTTP/2 trc.taboola.com/1491671/trc/3/json?tim=1669499642345&data=%7B%22id%22%3A273%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641700%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A18%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash b21604b5ef7a77f945d487896bfde8f8
bdb2e92e14012ee17e815c90de89959f5d3ebb53
16454176ca393de49ef086bc62ebc6395bb5eed5a54f6d5710dc67242f5b3c16
GET /1491671/trc/3/json?tim=1669499642345&data=%7B%22id%22%3A273%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641700%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A18%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.528421,VS0,VE110
vary: Accept-Encoding
x-vcl-time-ms: 110
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16105
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
date: Sat, 26 Nov 2022 21:54:02 GMT
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/images/secure_verde.svg
54.94.125.98200 OK 17 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/images/secure_verde.svg
IP 54.94.125.98:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 73a813d9a2cf0353542ffb204884da2b
ba446111cf8c6a02192080a89932e1545a3593c8
4019b0116440efbb2194d0f6de3f0df73d6cd0b05366589748b97f434e0164a5
GET /checkout-public/one-checkout/monetizze/images/secure_verde.svg HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: image/svg+xml
content-length: 17300
server: nginx
last-modified: Mon, 27 Jun 2022 19:07:55 GMT
etag: "62ba000b-4394"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.5.90
54.94.125.98200 OK 23 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.5.90
IP 54.94.125.98:0
File type ASCII text, with very long lines (65324)
Hash 0cffbd712b26ae8052b4fdf5ee2a18e3
247dc5d62e21afea8df86fd301dda14d392b180c
f84c05e031900b9773839e206a0054abfd2ff6c7c5fe2f397d7e3d4fd0b7ddf5
GET /checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: text/css
server: nginx
last-modified: Thu, 07 Jun 2018 19:31:15 GMT
etag: W/"5b198803-22682"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491668/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:03 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643258&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643258&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484435/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643258&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:03 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491669/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491669/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491669/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643259&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:03 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491671/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643260&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491671/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643260&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491671/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669499643260&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:03 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=3991
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=3991
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=74972&bid=undefined&aid=undefined&tp=3991 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:03 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 781b75872e4ea526f49c61f0d7afaefc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 425
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
date: Sat, 26 Nov 2022 21:54:03 GMT
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/check-customer-order?_=1669499643641
54.94.125.98200 OK 164 kB URL HTTP/2 amostratitanb12x.appmax.com.br/check-customer-order?_=1669499643641
IP 54.94.125.98:0
File type JSON data\012- , ASCII text, with very long lines (758)
Size 164 kB (164139 bytes)
Hash d30839e1e7abe06bbf156a13da2d73e3
32fbfc4488e38eadc0797aaa16cb0018b1c9d88b
f9b450c3a04ffbf169c022b80a8079536672babfd2a924ce37d35a747831474b
GET /check-customer-order?_=1669499643641 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiN2I3ZTBlYjhjOGZmOGUwZCIsInRyIjoiODM4YmQxNWQ0NDg2YzNlMTA2NmFmOGM5OGZhMGEzZDAiLCJ0aSI6MTY2OTQ5OTY0NDMzNX19
traceparent: 00-838bd15d4486c3e1066af8c98fa0a3d0-7b7e0eb8c8ff8e0d-01
tracestate: 3226302@nr=0-1-3226302-982856186-7b7e0eb8c8ff8e0d----1669499644335
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjM1WjFXODJJdHR0YTVoMEhqdUtBanc9PSIsInZhbHVlIjoiQTN4MFhJSWJjbUNZQ29SSVFRdU9iOTZNSWhGZytDN3E2c0x2aFM0algrcmttRDJTbHBIQ2IrNFNcL3pXTkxYR2Vzbm5PM1prRUtxbWt4eGZtXC80KzhyQT09IiwibWFjIjoiYzM0MWMxZDkwYjEzYWRkNzkzMjAwYTk4MmYxNjk1MzMxZTBhZTZjYTExZDliNjJjY2MxNGM4YjhmM2I3YjZiOCJ9; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IlY0UXVyTE5xayt3ME9YVmVzWDhkV3c9PSIsInZhbHVlIjoiejdIZU1IZmk0UzFEZ25ObUV1dVhNbldua29QQ0VZMkVpcnMzWXRxVExzNTlDZDRldkNlZE1JbDRjMm5LNGtyVklvamJKQ29nOFwvc2NpTitTNFczbnZRPT0iLCJtYWMiOiIyNWRhMjgzNDYxOWUwYTFjMzRmN2U4OTQ5OGNhNmM3ODQxYTI3MzA2OTkxZWE5M2UxYjMzMTg1ZGE3N2QzZDFkIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22_%22%3A%221669499643641%22%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.86.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 665
x-timer: S1669499645.279119,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/order/get-image-path/2250
54.94.125.98200 OK 6.2 kB URL HTTP/2 amostratitanb12x.appmax.com.br/order/get-image-path/2250
IP 54.94.125.98:0
File type JSON data\012- , ASCII text, with very long lines (17677)
Hash a1b9356b3346cb4ffdb677840b26a32c
fd4e83519ec75f8d0c8d36292a72432474bc4f50
de0eafa0f5bac1dd33870a1643e185d2cf52206225408f0ad38216d358a5eab2
GET /order/get-image-path/2250 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiYzc0ODE2OTc3YzYxODhmYiIsInRyIjoiMDlmNTg1MTFhMDY5YzA3NDA4NzljMTk2NjhlOTMyMTAiLCJ0aSI6MTY2OTQ5OTY0NDMxNH19
traceparent: 00-09f58511a069c0740879c19668e93210-c74816977c6188fb-01
tracestate: 3226302@nr=0-1-3226302-982856186-c74816977c6188fb----1669499644314
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: application/json
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5Yc2dsTnRTMHNOM0RtMDBIcEZ5M3c9PSIsInZhbHVlIjoiYmVnbUg1b2J1RmVsVFFDOTJwQ3llTm5mcmJBNnl1MjZCSURSRFMxQVoyQndKYnFTZVRHNmZpTGY2SDBRNmJidG9qendYUDVSYU9VUnZacEJzQVwva2pBPT0iLCJtYWMiOiI0ZjY5NmUxYWM3OWQ0YmMyYTRlZjcwNmUxOGIyZWUxMzQyNWRiYmMyM2M2OGM1YzViZjMyOTRlMzI3OTlmNGIzIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6InFhTFk5SVhvOWgyWlNwcFduMWdCNEE9PSIsInZhbHVlIjoiNUtTZEd4clhibjhwZ0pJd2JRSGFzRmhmNWh0VXBra0YzMVE1VXdnYjZmcnh0QmpUU1VyUE1XRHF5RVwvMkhpb0UwTWZQMzFGUCtkdHhZRldnOFVTeVNnPT0iLCJtYWMiOiJlOTA3M2U1ZGU2ZTZiMjZkODk5MjExOTJkOGQ5ZjQyMDJhOTc0MmEyMzg3MzZmMTI0MGMzZDU4MDVhMDQzOTFhIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%5B%5D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/check-price-pix
54.94.125.98403 Forbidden 3.5 kB URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/check-price-pix
IP 54.94.125.98:0
File type JSON data\012- , ASCII text, with very long lines (8630)
Hash 39c3f93f16507ec1c17dac81be9c3f01
d37f436cd4607937d3671c52669f0eda190efbbf
5c0d2597de441a75035c6736a025526489294cecba70db51fbdd7bc746bdd65f
POST /one-checkout/check-price-pix HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiYjA2ODE0NDExMTAyZWYxMCIsInRyIjoiOWVmOGI4N2E5YzliOWNhYTU0OTMwM2FlYzZhMGMzZDAiLCJ0aSI6MTY2OTQ5OTY0NDMxNX19
traceparent: 00-9ef8b87a9c9b9caa549303aec6a0c3d0-b06814411102ef10-01
tracestate: 3226302@nr=0-1-3226302-982856186-b06814411102ef10----1669499644315
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
Content-Type: application/json;charset=utf-8
Content-Length: 83
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: application/json
server: nginx
cache-control: no-cache
set-cookie: laravel_session=eyJpdiI6IjB1dG0xXC93N2krN1JBeHNqTEFJQVFBPT0iLCJ2YWx1ZSI6IkJOcnlzRVwvVndrOUtVVXRSV0hSRkt1OWhYT0pCNmpUUjlRSDRsV3JJSzU2OXM1cFZIZmtVRGVPM3FFbW1yK3hkeTZSeEpWR1JQNExHRzc4c2Y1V1RaQT09IiwibWFjIjoiZDQ0ZTU1ZWUxNGQ5NTdiMjY5ZGNiZmQ1Y2M3Y2E0MTg4ZDNhMGYzODliZGE5ZjVhYTk1ZDAyNGY3NGM5MjY4NCJ9; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.86.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 659
x-timer: S1669499645.370920,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
151.101.86.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 824
x-timer: S1669499645.370897,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/39.2d6a2503-1220.js
151.101.86.137200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/39.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (7169)
Hash a0a406e7bdf3e14f047e46bcea27640c
c1fbc88d260f16a092c1b7b0e58e4291401478e8
2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: KxfPNXIQ38SSfzz490TMAo2ltA9W5l6OlU9HI6h8SfmvQBHsTP/3JrzkCdnsVJAOdxSfq1TwUMk=
x-amz-request-id: ESHWVX2RDYQJKTJS
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 253
x-timer: S1669499645.371230,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.86.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 154
x-timer: S1669499645.371250,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.5.90
54.94.125.98200 OK 3.3 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.5.90
IP 54.94.125.98:0
File type ASCII text, with very long lines (7892)
Hash 7f0de770e320fd0f2996979a398a6011
0abf0fdb6d5b591bbd98358b8bce9fb00255f323
4a03dc7f665fc318017106828f5ee831d2f966c2236aa53159df7cda004728cb
GET /checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: text/css
server: nginx
last-modified: Fri, 09 Jul 2021 14:23:19 GMT
etag: W/"60e85bd7-a86"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
151.101.86.137200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 253
x-timer: S1669499645.371609,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
151.101.86.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669499645.371579,VS0,VE1
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
dhl6xem5lrcqr.cloudfront.net/selfservice/248/5cd4912fee75f.png
54.230.245.5200 OK 698 kB URL HTTP/2 dhl6xem5lrcqr.cloudfront.net/selfservice/248/5cd4912fee75f.png
IP 54.230.245.5:0
File type PNG image data, 1077 x 740, 8-bit/color RGBA, non-interlaced\012- data
Size 698 kB (698345 bytes)
Hash 01811d2da776b8ebfe99f5b0f0bf6eb5
36bd2ee05ba79b1dcd0f7e45ee3071064c5b3cb5
a7c226bc76c524d968695e5c2319635110ca42f9e76dff38ce6d260b9bbf2ee1
GET /selfservice/248/5cd4912fee75f.png HTTP/1.1
Host: dhl6xem5lrcqr.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 698345
last-modified: Thu, 09 May 2019 20:44:33 GMT
x-amz-version-id: nW0f5oE2z5n.lhdUSFqE93ZYNIYzvK8_
accept-ranges: bytes
server: AmazonS3
date: Sat, 26 Nov 2022 21:54:06 GMT
etag: "01811d2da776b8ebfe99f5b0f0bf6eb5"
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sdhUEyOx3g_BuEnuUTOYr-Lj3tOgCmFl2xQLk5aiALhrh1b6R3XGDg==
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1011&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout&ap=123&be=377&fe=109&dc=107&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499644323,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:4,%22rp%22:357,%22rpe%22:357,%22dl%22:363,%22di%22:483,%22ds%22:483,%22de%22:484,%22dc%22:485,%22l%22:485,%22le%22:491%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1011&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout&ap=123&be=377&fe=109&dc=107&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499644323,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:4,%22rp%22:357,%22rpe%22:357,%22dl%22:363,%22di%22:483,%22ds%22:483,%22de%22:484,%22dc%22:485,%22l%22:485,%22le%22:491%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1011&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout&ap=123&be=377&fe=109&dc=107&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499644323,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:4,%22rp%22:357,%22rpe%22:357,%22dl%22:363,%22di%22:483,%22ds%22:483,%22de%22:484,%22dc%22:485,%22l%22:485,%22le%22:491%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:06 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7705dc5019cd1c06-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4536&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=383&be=1584&fe=2903&dc=1400&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499641346,%22n%22:0,%22f%22:0,%22dn%22:23,%22dne%22:50,%22c%22:60,%22s%22:277,%22ce%22:850,%22rq%22:852,%22rp%22:1546,%22rpe%22:1546,%22dl%22:1565,%22di%22:2978,%22ds%22:2983,%22de%22:2985,%22dc%22:4487,%22l%22:4487,%22le%22:4493%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4536&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=383&be=1584&fe=2903&dc=1400&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499641346,%22n%22:0,%22f%22:0,%22dn%22:23,%22dne%22:50,%22c%22:60,%22s%22:277,%22ce%22:850,%22rq%22:852,%22rp%22:1546,%22rpe%22:1546,%22dl%22:1565,%22di%22:2978,%22ds%22:2983,%22de%22:2985,%22dc%22:4487,%22l%22:4487,%22le%22:4493%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4536&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=383&be=1584&fe=2903&dc=1400&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669499641346,%22n%22:0,%22f%22:0,%22dn%22:23,%22dne%22:50,%22c%22:60,%22s%22:277,%22ce%22:850,%22rq%22:852,%22rp%22:1546,%22rpe%22:1546,%22dl%22:1565,%22di%22:2978,%22ds%22:2983,%22de%22:2985,%22dc%22:4487,%22l%22:4487,%22le%22:4493%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:06 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7705dc53889bb50b-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=a450ab32d837b8976207b711b04074f9&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=a450ab32d837b8976207b711b04074f9&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1479452/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=a450ab32d837b8976207b711b04074f9&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484435/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646263&vi=1669499641664&ri=00f7d3ad9b01c5bbc832a198f14e3d8e&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484442/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=82b6585592bf5f9b74df0cee64cb96ea&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484442/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=82b6585592bf5f9b74df0cee64cb96ea&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484442/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=82b6585592bf5f9b74df0cee64cb96ea&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491668/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646264&vi=1669499641664&ri=d24502cb8c7186f8b6a8b5e2c0e69496&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491669/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491669/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491669/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=f84a779613f71639935a030374ad3e15&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491671/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491671/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491671/log/3/unip?en=pre_d_eng_tb&tos=4583&scd=93&ssd=1&est=1669499641679&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669499646265&vi=1669499641664&ri=4ae3402a59f3e731d290cc8185e6e803&ref=null&cv=20221117-23-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 21:54:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1864&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1864&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=1864&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 198
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:07 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7705dc555e0c1c06-OSL
Access-Control-Allow-Origin: https://amostratitanb12x.appmax.com.br
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4909&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4909&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1220.PROD&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=4909&ck=0&s=a4ad9ea6a1859ae0&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1069
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 21:54:07 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7705dc55cba9b50b-OSL
Access-Control-Allow-Origin: https://amostratitanb12x.appmax.com.br
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 320
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
date: Sat, 26 Nov 2022 21:54:07 GMT
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/vendor.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/vendor.min.js?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/common/js/vendor.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 11 Feb 2020 13:47:28 GMT
etag: W/"5e42b070-4289e"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
titanblue.appmax.com.br/st?r=b1d8a2cb&undefined
54.94.125.98302 Found 0 B URL HTTP/2 titanblue.appmax.com.br/st?r=b1d8a2cb&undefined
IP 54.94.125.98:0
GET /st?r=b1d8a2cb&undefined HTTP/1.1
Host: titanblue.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 21:54:02 GMT
content-type: text/html; charset=UTF-8
location: https://titanblue12x.com/tb12/pixel/whitepage/check.gif
server: nginx
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkpJejB2XC9SZmN6clE2eklUNmczK2x3PT0iLCJ2YWx1ZSI6IlRJNTFVVXNsdDU2WlpQSkFXTng0elNzcVwvOXNmbmJKZFVWdkt5bzRmN1hvWVNHSklKRFB4ditzcU5Db0R3b2YwdG5ZRm9vTDA1a1wvRGdhQ1QxZWlQbnc9PSIsIm1hYyI6ImE5OTdjNWE2ODlmYjA4ZTMzN2Y1ZTJhZmNkZWZhNzkwNWMxZjljNzFhMjAzMTU4NDBjZDg5YTQyMzIzMGEyMWIifQ%3D%3D; expires=Sat, 26-Nov-2022 23:54:02 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IjNwQkR4T21ldFNXbWkzNVVLZzhqOUE9PSIsInZhbHVlIjoiZ0k1TDhLVVllXC83RUYya1VYQ3dOWGpzejJ6eVFmRzI0cU51Z1J2SkVicGtHa1Jka3ZFa0Z2ZzFcL0FnYWxjalFrR1hFdUVnelhnSm1KdU9ia2l4MTB1UT09IiwibWFjIjoiODAxYWFiYWE3MWU0OTNkYzIwZmEwMjA2ODQyNmU5YWMyMzQxMDliYWU0YzQ0MTdmYmFmYWZiMDVhYzQ0YWNmZiJ9; expires=Sat, 26-Nov-2022 23:54:02 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Fportalsaude.meiahora.info%5C%2F%22%2C%22st%22%3Atrue%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22r%22%3A%22b1d8a2cb%22%2C%22undefined%22%3A%22%22%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%7B%22full_url%22%3A%22https%3A%5C%2F%5C%2Ftitanblue.appmax.com.br%5C%2Fst%3Fr%3Db1d8a2cb%26undefined%22%7D%2C%7B%22full_url%22%3A%22https%3A%5C%2F%5C%2Ftitanblue12x.com%5C%2Ftb12%5C%2Fpixel%5C%2Fwhitepage%5C%2Fcheck.gif%22%7D%5D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/animation.css?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/animation.css?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/common/css/animation.css?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: text/css
server: nginx
last-modified: Thu, 07 Jun 2018 19:31:15 GMT
etag: W/"5b198803-741"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/tracking-page-config
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/tracking-page-config
IP 54.94.125.98:0
GET /tracking-page-config HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiN2IyYTU4ZjlhNGRkMGE2MCIsInRyIjoiNjdhYjFlMjc0Mzg3ZTdlNGRmZjUzYjM2ZGIyMmZmOTAiLCJ0aSI6MTY2OTQ5OTY0MzY2Nn19
traceparent: 00-67ab1e274387e7e4dff53b36db22ff90-7b2a58f9a4dd0a60-01
tracestate: 3226302@nr=0-1-3226302-982856186-7b2a58f9a4dd0a60----1669499643666
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjNTODFVUWdkdHNHdjY5d0t0ZExiSlE9PSIsInZhbHVlIjoid2Y1MnZqV21KUDZXb1FKVUQxVzI0YldSejFveEMwOFZWbmh0UnhidDFpV1VPQWRmb3loaEJuckNPXC91cmhBR2lHTFQ4anVlaXpxanRWOEQ3b2ZvV1lnPT0iLCJtYWMiOiJhOGI0OTY3YjY0Mjc2NzBhNzQxOWFhYWU1MGQ5ZjM3MzljNDhiMTBmMzhjZGVlNmQxOGU5ZDc3ZWY3YzUyODU5In0%3D; expires=Sat, 26-Nov-2022 23:54:03 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IjdaTjNUNjZqaFduYkw3VTRwdjZmWXc9PSIsInZhbHVlIjoiTEp5R1JcL21ObThIdStNMVhLKzB3amo5UW0wNHRnRW1FNG9JS2VmSEN6aDdaSlwvcUF0YnBPUFZNcVB2SkxYbWY3bWV1ZkNsS21zbm93cmlFcWFGeVFcL3c9PSIsIm1hYyI6ImRlZWY0OTJmNWI3NmJjMmRlOGI0ZDAwNGQ1NTg3MmE4YzE3ODgyNGNmODc0ZWRiZTFhMjdmNzUwOGMyNTA2NDQifQ%3D%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7201; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:03 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:03 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%5B%5D; expires=Sun, 27-Nov-2022 21:54:03 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:03 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
IP 54.94.125.98:0
GET /one-checkout/ocmtb/2250?src=app&undefined HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiZTkxODUyYjVlODIzOTZkMSIsInRyIjoiNWM1OTc5YmMxODMxYzhiODMwOTU0ZTZhZTlhMTViZjAiLCJ0aSI6MTY2OTQ5OTY0NDM2NX19
traceparent: 00-5c5979bc1831c8b830954e6ae9a15bf0-e91852b5e82396d1-01
tracestate: 3226302@nr=0-1-3226302-982856186-e91852b5e82396d1----1669499644365
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
X-Requested-With: XMLHttpRequest
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:05 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IlhYdUFKSXpHS2k2dkhJeTlWbVNpNWc9PSIsInZhbHVlIjoiVXNFV2lcL0JhTW9Jd3RBZmZzU1IwOHZXTmJrdGJlN3VodlR6WVBSTVVJSVc1dzdyd1VrVlZobTlkZmMyd3VZbDVrR2tIeG5QK3AwSXNYMVV5Wmo1NzNnPT0iLCJtYWMiOiI4YWEyYzdiY2RjMTdlNTAzYjAyMzNlOTBlNDg1YzdkYzA0YzRiNWVkZjA2ZGI2Y2MxOGYxZjVlYjljMDJjNDc5In0%3D; expires=Sat, 26-Nov-2022 23:54:05 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IitPaFVQSG94SnVhTG5xeUFLdVM5Y1E9PSIsInZhbHVlIjoiKzBEYUZCRUVvbktISTJsWDZmVVg2aVhBeGFQSmJVbTdpbXNvYXRQZ3Rxa1wva3U0WlMwZVF4T2VEbFRmV2ZmcFZldTd2azk3b1R5WHZZN1FPWTAyVVhRPT0iLCJtYWMiOiJiOTFiOTFmOTgxN2Y2MWFiZDk5NzRkMGU5NmQyOTc4YTY1Y2M1ODU1ZDJmYWM5YTgwNDgxYjY1NDA3MTBmZjgxIn0%3D; expires=Sat, 26-Nov-2022 23:54:05 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:05 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:05 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22src%22%3A%22app%22%2C%22undefined%22%3A%22%22%7D; expires=Sun, 27-Nov-2022 21:54:05 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:05 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_pixel_api_identifier=eyJpdiI6ImFmOTdnOUNsOHZoa2xHYmtBQlZQXC9BPT0iLCJ2YWx1ZSI6IkdTdlFpZXJFU0ZqY0ZmYno4ZUtQK0g4amJ0K0lwamJtWHN3dERRTG1NSEpsUUlKaGtlOVk3RG5rU09GSTZLelIiLCJtYWMiOiJiYWU0M2RjMTNlMTY3OTdjNjRkNGIyN2I1ODA1NWRiMTgxNzk5YjJlY2I4NDZmZTdmMjhmYTA4ODM5YjJlMDdlIn0%3D; expires=Sun, 27-Nov-2022 21:54:05 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mukta:300,600,200&subset=latin
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Mukta:300,600,200&subset=latin
IP 142.250.74.10:0
GET /css?family=Mukta:300,600,200&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 21:54:00 GMT
date: Sat, 26 Nov 2022 21:54:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/9rf6379oo9
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/9rf6379oo9
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/9rf6379oo9 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=12f92078bfee4c43ab94d13129d446c5.20221126.20231126; expires=Sun, 26 Nov 2023 21:54:02 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+oqCYwAAAABL+6EPzdQPR5+AOgNng9jkQ1BIMzBFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 26 Nov 2022 21:54:02 GMT
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Wed, 05 Oct 2022 17:01:29 GMT
etag: W/"633db869-147c"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/check-price-boleto
54.94.125.98302 Found 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/check-price-boleto
IP 54.94.125.98:0
POST /one-checkout/check-price-boleto HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiZTkxODUyYjVlODIzOTZkMSIsInRyIjoiNWM1OTc5YmMxODMxYzhiODMwOTU0ZTZhZTlhMTViZjAiLCJ0aSI6MTY2OTQ5OTY0NDM2NX19
traceparent: 00-5c5979bc1831c8b830954e6ae9a15bf0-e91852b5e82396d1-01
tracestate: 3226302@nr=0-1-3226302-982856186-e91852b5e82396d1----1669499644365
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
X-Requested-With: XMLHttpRequest
Content-Length: 72
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: text/html; charset=UTF-8
location: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
server: nginx
cache-control: no-cache
set-cookie: laravel_session=eyJpdiI6IlwvcXNsODdLaStQNU10SEI3anlLenhRPT0iLCJ2YWx1ZSI6InByZGlFV2twWkhNcVEwTUo4YkYxVVBEMGdtYkc1bmpWYytJXC81RmpiQzk0bWRaYmZYdXFjUTJ4SHJzT29zVnM5d2pOVFwvMnVwczhQelBkRENQUElcL0x3PT0iLCJtYWMiOiJmOGE0MmJlODFkNTgwMTAwODMwMDNhODk4YTk1N2Q0YWM4MjVmYjJhZmM2NWJiNzYwZDRhM2E5MDRmOGRlODNiIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/check-session
54.94.125.98403 Forbidden 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/check-session
IP 54.94.125.98:0
POST /check-session HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiYjAxMmExMTY0MjlkNzMxZiIsInRyIjoiZDZlZTVhNDg0YjgyZjA5MzI5ODNiYWZlZWUyMDZhYjAiLCJ0aSI6MTY2OTQ5OTY0NDM2OH19
traceparent: 00-d6ee5a484b82f0932983bafeee206ab0-b012a116429d731f-01
tracestate: 3226302@nr=0-1-3226302-982856186-b012a116429d731f----1669499644368
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: jkyN3NiO8SBMptY8m2mygugnbcTlRzKV0TKurdVq
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: application/json
server: nginx
cache-control: no-cache
set-cookie: laravel_session=eyJpdiI6ImhVczNrUVl3dENja0kzT01TVlZSZHc9PSIsInZhbHVlIjoiV2htT1NQZjBBNGF5cG5EdVE4ZEhoZzlneFwvaUdPMTUxOG9LSUpnZDRrK1EzcnBISlQwWDYzT28xcUVrMnMwa2htRFBsSVEwakRTMlZ5VGlqZ2IwRkVRPT0iLCJtYWMiOiIyNzc5MzY2NjYyY2NiYmQ2YTQwMDliZmIzMWUwMjEyMTNkNTRhNjYxZDNmZGY2YWE0OGEzYzM4N2QxN2NlNTBiIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/fontello.css?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/fontello.css?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/common/css/fontello.css?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: text/css
server: nginx
last-modified: Fri, 17 Aug 2018 18:15:47 GMT
etag: W/"5b7710d3-97c"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
IP 54.94.125.98:0
GET /one-checkout/ocmtb/2250?src=app&undefined HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:02 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ik9keFFlVGJxYzNySklBY2hNTWwwcHc9PSIsInZhbHVlIjoiYkhBQkszd0kxcUFBVU51YWZ3TWEwb1VxQmRmenh6aVQrNHhcL2k5RWt2a1lTRXEyNXJqK0NIQVRIUnhEZFZmZ0tCWkMzUDg5d01ycENQVWpWaHNRR0V3PT0iLCJtYWMiOiJmZmVkNTI2OGZlNWM2ZTc4YTcwYmFmMGY3OGZmNjJjN2E4NDEyZWFkZGY4ZDU2NTU1MjMxODEzZTFiZjhmMDg1In0%3D; expires=Sat, 26-Nov-2022 23:54:02 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IjhTQitlNmx3OWwxWVY5ZVdcL2tvUUFnPT0iLCJ2YWx1ZSI6Im11N21FaGJRK2tHbWdXNEpQT0VsRDZGYlRJREQ5R0VQYm5QdUV0VFVNcFM2OXFrNHBMQ044cU1hME5CVThrM3VLNytxZUl4SUFJS3NHMytFcDBxWXh3PT0iLCJtYWMiOiIzNmQ1MjE0MmZmOWYwMTJkNGNmMjE1ODhiZTk2OTc0OTZjNjAwZmNmMGRhNThkYzI0YjRkZWQ1NjhjYWVhNzAzIn0%3D; expires=Sat, 26-Nov-2022 23:54:02 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Fportalsaude.meiahora.info%5C%2F%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22src%22%3A%22app%22%2C%22undefined%22%3A%22%22%7D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_pixel_api_identifier=eyJpdiI6IlJDQ0Q3dkFoOU1yUG1TUTFBQ2txMXc9PSIsInZhbHVlIjoiVWx4ZVcxdTA4YjFTcTN6WHQrVFhBQmZUS1JDaGIrRFFUNFJaMnMyXC8xY1NwZW9CZWdkQW45M1VKYXh1U2JVdm8iLCJtYWMiOiI4MjcwYzhlNDVlNjFiOTI3NmZlMDg0MDY1MjA2NzY3MWM4ZGE1NmMxMjQyZDI0YTU0NmE4OGRiNmM3NjY3MThjIn0%3D; expires=Sun, 27-Nov-2022 21:54:02 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/pixel/page_checkout
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/pixel/page_checkout
IP 54.94.125.98:0
GET /pixel/page_checkout HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:04 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkRVUG5rM2p5R0RYUmw2TnQ1TWZaRnc9PSIsInZhbHVlIjoieEhQTVZ3aTdlSEFxQmZqVDVDMDNvam5cL1JaMGxwc05uK3N6YkhcL0tMVlNSRzJxUk14NG5uRXNSZUl5VGxwK0ZjZ1lCaFlIU090dFYzYVIxSVJaNDNXdz09IiwibWFjIjoiMzRjYjc1ZjMyZTI1MWNhODNjZTEwNzJlNjAxYTlhN2I0YjFiZmM3ODE0Yzk5OTY0MDNkN2FlYzIxOTZmZmJkYiJ9; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IjM0RlNrN1JodHk0eWY3ZENwblJIdUE9PSIsInZhbHVlIjoibTkyaVVIOTJsNlwvWTNjR09pS3N0c3lQeWpjazd3R0xzeVQ2cHlLR1N2MlVnUGZXVVhVTEkzbTdNaFhpalwvdWVZXC9KRXJldm9wM0dDZ0xEY0c5WHJcL3VnPT0iLCJtYWMiOiI1ODBlYzE3MzA3ZDE2ODM1MjA2MzcwYzcwOWE5NWQyOTQ5MTdiYjZkYmFkMDJhOTU3YzYzNzU2ZWJmYTM3OWQzIn0%3D; expires=Sat, 26-Nov-2022 23:54:04 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22a59f007fbf3384ccc33cc586d5d348f0%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%5B%5D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Sun, 27-Nov-2022 21:54:04 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/tracking/tracking.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/tracking/tracking.min.js?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/tracking/tracking.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Wed, 10 Nov 2021 13:37:41 GMT
etag: W/"618bcb25-422da"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/assets/js/checkout.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/assets/js/checkout.min.js?v=6.5.90
IP 54.94.125.98:0
GET /assets/js/checkout.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Mon, 06 Jun 2022 23:06:52 GMT
etag: W/"629e888c-13e415"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/functions.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/functions.min.js?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/common/js/functions.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Wed, 05 Oct 2022 17:01:29 GMT
etag: W/"633db869-634d"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/scripts.min.js?v=6.5.90
54.94.125.98200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/scripts.min.js?v=6.5.90
IP 54.94.125.98:0
GET /checkout-public/one-checkout/monetizze/js/scripts.min.js?v=6.5.90 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:03 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Mon, 07 Mar 2022 19:17:13 GMT
etag: W/"62265a39-8d8"
expires: Mon, 26 Dec 2022 21:54:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
produto.mercadolivre.com.br/MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM
54.230.111.81200 OK 0 B URL HTTP/2 produto.mercadolivre.com.br/MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM
IP 54.230.111.81:0
GET /MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM HTTP/1.1
Host: produto.mercadolivre.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 21:54:02 GMT
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=31536000
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
set-cookie: _d2id=9cda2bfe-90a1-4262-aa0b-167e9c73f5c8-n; Path=/; Domain=.mercadolivre.com.br; Expires=Sun, 26 Nov 2023 21:54:01 GMT
_csrf=bN2Qe7aY4gUZOz_INY_47Wod; Path=/; HttpOnly; Secure
navigation_items=MLB1854598237%7C26112022215402; Domain=.mercadolivre.com.br; Path=/; Secure; SameSite=None
c_ui-navigation=5.21.3; Domain=produto.mercadolivre.com.br; Path=/; Expires=Mon, 26 Dec 2022 21:54:02 GMT; HttpOnly; Secure; SameSite=None
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
x-navigation-version: layout-4.10.0
etag: W/"56901-Z2gIWFc/0tagbivl+J4KYeQKkQE"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 179
x-envoy-decorator-operation: bots.vpp-frontend.melifrontends.com
x-request-id: 9cda2bfe-90a1-4262-aa0b-167e9c73f5c8
x-request-device-id: 9cda2bfe-90a1-4262-aa0b-167e9c73f5c8
x-d2id: 9cda2bfe-90a1-4262-aa0b-167e9c73f5c8
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: are99n6yUanEFeiroHpMywOk89X7S8XDLWPF-7lKWdp79pzP8uCOFA==
X-Firefox-Spdy: h2
trc.taboola.com/1484435/trc/3/json?tim=1669499641695&data=%7B%22id%22%3A765%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641695%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1484435/trc/3/json?tim=1669499641695&data=%7B%22id%22%3A765%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641695%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1484435/trc/3/json?tim=1669499641695&data=%7B%22id%22%3A765%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641695%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499642.296992,VS0,VE114
vary: Accept-Encoding
x-vcl-time-ms: 114
X-Firefox-Spdy: h2
trc.taboola.com/1479452/trc/3/json?tim=1669499642339&data=%7B%22id%22%3A387%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1479452/trc/3/json?tim=1669499642339&data=%7B%22id%22%3A387%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1479452/trc/3/json?tim=1669499642339&data=%7B%22id%22%3A387%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669499641664%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669499641699%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Fpop5%2F%22%2C%22tos%22%3A17%2C%22ssd%22%3A1%2C%22scd%22%3A93%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 21:54:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669499643.534576,VS0,VE108
vary: Accept-Encoding
x-vcl-time-ms: 108
X-Firefox-Spdy: h2
koruvital.com/whitepage/titanblue/
172.67.137.162200 OK 0 B URL HTTP/2 koruvital.com/whitepage/titanblue/
IP 172.67.137.162:0
GET /whitepage/titanblue/ HTTP/1.1
Host: koruvital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:54:02 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 23:52:27 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3p8vK2mYOubS383CanWRHsLSG%2F%2F%2FQO6DjZ5yggFs1Z5xxiGh8sh43MyvsPz94QyhWyL99aP%2BoMARz9jsGbsgEQmFtRNeSlsNCcedL4UiUeM75LiMW4p%2FMYFxL9I3Vwz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705dc38ef0fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2