portalsaude.meiahora.info/tb12/prop/estimulante
104.21.7.31301 Moved Permanently 0 B URL HTTP/1.1 portalsaude.meiahora.info/tb12/prop/estimulante
IP 104.21.7.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tb12/prop/estimulante HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 00:55:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 01:55:31 GMT
Location: https://portalsaude.meiahora.info/tb12/prop/estimulante
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjfAH2kiHw26dKj0coodn3d9%2BZtYWOETFq86y4M%2Bltl%2F%2FPFkIhGTKakSSmBqN66qgiQ%2Fl3T4Uem5TLg9AIP7Cr3zIJSeUph8ZSMAgnFVR%2F5xKSZDQ6gtwZeFTGSU8fUNPl14wNsxkGgrOQdB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7510463849e7b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 00:15:29 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: StVke79wO2oNbPePb2PUXfsB-Aymi8jsed_zJWZ4TyQPHhyJYEqXaQ==
Age: 2402
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2751
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Tue, 27 Sep 2022 00:55:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G_JGBhZc5f3PQuoxKfRFAW4MraZPVzyW9eJcsZvzsu0kllc6Fz46Lg==
age: 73217
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:55:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7f1b361d198fd9adbf92fa2a73534ed3
6af13bd3ef14428f61b1c7d05ce2d7dab2c79404
12644e77918134e864929da8a4413d02b0c031b6900edc0a8cfc05f5e00154b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:32 GMT
Server: ECS (amb/6BB4)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 00:54:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EXliRrig8qDIznrFxnMF58IFSGxO70FF9rJuMmUyG3NOQgb1g1lbNg==
Age: 2686
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7f1b361d198fd9adbf92fa2a73534ed3
6af13bd3ef14428f61b1c7d05ce2d7dab2c79404
12644e77918134e864929da8a4413d02b0c031b6900edc0a8cfc05f5e00154b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:32 GMT
Last-Modified: Tue, 27 Sep 2022 00:55:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3931
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:32 GMT
Last-Modified: Mon, 26 Sep 2022 23:50:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/npm/bootstrap.native@3.0.0/dist/bootstrap-native.min.js
151.101.85.229200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap.native@3.0.0/dist/bootstrap-native.min.js
IP 151.101.85.229:0
Hash f198c6267544b9d9c23dcb0a5a353e27
b295a4afb4c3fda2388fb3a13b7f21d28e122c31
fd1a4b8f9a4cdb6f4de5470b367622ee8bc3e2300efdb18c3836fa62423ecd8b
GET /npm/bootstrap.native@3.0.0/dist/bootstrap-native.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.0.0
x-jsd-version-type: version
etag: W/"6d81-QFfadKOBv3gElryPvG07wv7cP3M"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:32 GMT
age: 3376970
x-served-by: cache-fra19130-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8706
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4eb3d715e5bf344f6be712b6bf6cc7e9
52137e20522141ba21d49f015332c9c90c55da51
25d9d3fe4f2feae4a9846404e8bf961866212367770c542c61b79aedef016d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:32 GMT
Server: ECS (amb/6B7D)
Content-Length: 279
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash c08864b4341c65d0327b28d8dde1e4eb
374ff59d73911a60dbaf761398c5d55f61e4d586
7d521f3f50952a0761455f607894ad1abe78023df2c41405007b274180fd15f6
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F14DA12CE16FA47C09F13F66EB5CAA6593106618"
Expires: Tue, 27 Sep 2022 11:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3528
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7510463efbacb512-OSL
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZAcmo7nR+T9qyd4FLtpYlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qtGIBgLnmhJGJSD9WpbBETNcZ4U=
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 55404e89e55db252fe6295c42a9d8d16
591574d6063a0b1f10fc49be998f9a09f2a2f7e4
5580e1e06865bb65bd403abcc80c153ac0849eab6553b54318d9fa1283fe6946
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 20:32:14 GMT
Expires: Sat, 01 Oct 2022 20:32:13 GMT
Etag: "591574d6063a0b1f10fc49be998f9a09f2a2f7e4"
Cache-Control: max-age=415599,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7510463f19821c02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4eb3d715e5bf344f6be712b6bf6cc7e9
52137e20522141ba21d49f015332c9c90c55da51
25d9d3fe4f2feae4a9846404e8bf961866212367770c542c61b79aedef016d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Last-Modified: Tue, 27 Sep 2022 00:55:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb82e48b44032641b378d3f5a76b802c
fe190266fba048f25f01ad0fcfce4878bc6b3437
e2152a24b4c23c3d9a7f82466e34e4959c3acea55228e9993e67f4ec8220c4d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2152A24B4C23C3D9A7F82466E34E4959C3ACEA55228E9993E67F4EC8220C4D0"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6741
Expires: Tue, 27 Sep 2022 02:47:54 GMT
Date: Tue, 27 Sep 2022 00:55:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
checkout.titanblue12x.com/pixel.php?
172.67.138.19200 OK 695 B URL HTTP/2 checkout.titanblue12x.com/pixel.php?
IP 172.67.138.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1x1, components 3\012- data
Hash 5ccacb26412d87d32e37c8b093dc9ca2
2e348a2cf08304a48291b4479c021dc6d50689dd
a80d723221bc0db212738b186ce5fa0d31fb2f099e6822f6363c3ef5e89d8d60
GET /pixel.php? HTTP/1.1
Host: checkout.titanblue12x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:33 GMT
content-type: image/jpg
last-modified: Tue, 27 Sep 2022 00:20:58 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nnSuwrCGclHSFTlMB38zJ%2F6ad5yd64mvLAm0n7m2KRNwdgvdWNI9EwJRZx4b3UhLLQmQjhtZyuhiL1RAO0VTGxQwLu2gPrT41B7gYvAMe2PsUl99YIQsT2YZtnEAM5HHnI3AQFPjOioCIu6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7510463efbfbb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ
142.250.74.72200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MDQT4QJ
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (62729)
Hash 9797d9cdb48449a8330def01711d336c
0601feecf687e7e14378961700124d09cc0090b8
bf349a23c19b5d71f6e95030267949a4fed79192d0f21c4031790401defe0542
GET /gtm.js?id=GTM-MDQT4QJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 00:55:33 GMT
expires: Tue, 27 Sep 2022 00:55:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4102
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Last-Modified: Mon, 26 Sep 2022 23:47:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: s1ameawdgAAgHYSAP4DF2SnLp3214akzwE+7PCtMFUXmW2G3CG8+/bBeFBHMnNpABBYNGc22OiYmeONE6Rqwkw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:55:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4102
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Last-Modified: Mon, 26 Sep 2022 23:47:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 27 Sep 2022 01:15:33 GMT
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Length: 3249
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/unip/1484435/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1484435/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58505)
Hash e3b3662293f3b914e3bd6a3056e2924f
a992ad3eb43e9cb4187c24efa6d676a1ff6124ce
05ee777ecae1985142d32ee69ebc92425e362f9881c4f34a7cdac5f1fbe1d988
GET /libtrc/unip/1484435/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Zm4QNnvDPJZAT+3dBXck3aFI8zapZBjcOBEZz1WmiFCg4caH/qo4jfHfQqTZzbeuTDO28YDMWFs=
x-amz-request-id: E7GC32A19J4GS5ZH
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:05:01 GMT
etag: "fa61b9d897a65a9235b4fda390bd46e9"
x-amz-version-id: qPRHDFEEfUhvFvzGZNUvMF35fFSKKqhG
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:33 GMT
via: 1.1 varnish
age: 26639
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664240134.527005,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 97
content-length: 17967
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 27 Sep 2022 00:55:33 GMT
expires: Tue, 27 Sep 2022 00:55:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c81dfd51282d3ff1b6dacde42b7dbe4e
cd7dc6871573a682c8cebe35da8acdd0503277fa
b6992f15bb026ecac77ab3701c5ac4912b7c910f07056d6b3690a498e7c6d4f5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2703
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Last-Modified: Tue, 27 Sep 2022 00:10:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 600a62a44f4452a8ba36a4c5f6249e69
b12f006ba9924c35181f7b59126db4ac5fcc35dc
d381ea51b757e19af55c2ef14cac4211cbf70552b170fe30e36ff39f768b1984
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 00:55:33 GMT
Last-Modified: Tue, 27 Sep 2022 00:30:20 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9M0g3FKpaZQFhw6JDxv49toa7AVJM9WGFjEbOAPgo1EZbzNnjbi1uw==
Age: 1513
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 491ef9f5b864203724bf87d3ec231679
2108c58afb4379d045e8436394cd83170615c742
438540ffd5c10c010f159aea6246074984ed0e8b1d2c074df774181f8452d28f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 491ef9f5b864203724bf87d3ec231679
2108c58afb4379d045e8436394cd83170615c742
438540ffd5c10c010f159aea6246074984ed0e8b1d2c074df774181f8452d28f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6bad6c24067f3477377d7c86c9535b77
01bab4eb78c24ebb517992deba6475818c472301
a49fd55f4f2b0b2c4905c75bf2bdd0d51619cc4075046cab32d02cc4d0c6b1b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 00:55:33 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lh2t4wlHOv-H0vCUo3h_GO6UIpOAyzM0HmEsPju5lXnU06xf20Hqhw==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6bad6c24067f3477377d7c86c9535b77
01bab4eb78c24ebb517992deba6475818c472301
a49fd55f4f2b0b2c4905c75bf2bdd0d51619cc4075046cab32d02cc4d0c6b1b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 00:55:33 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KU47UV51uoM3rzm23-hn5p7-8mIgTx7nCk39CDQfwd2DmlplzQ-ZWA==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f6820afdc58d14732708bebdc6546e0f
47666326f06d94d05a880b55f6a4560221e83a18
94655c05e1d9909f7c235b90c3811742a469696543ab9cd3b3530247ea3312cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:33 GMT
Server: ECS (amb/6BB4)
Content-Length: 278
tr.outbrain.com/cachedClickId?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb
64.202.112.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb
IP 64.202.112.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: cceddb61d1a044378a10f4fb8895a5be
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=08485195411145768&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=08485195411145768&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=08485195411145768&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: a32275ab40212fd0f34ae4469bf80083
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=022244342167997744&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=022244342167997744&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=022244342167997744&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 9203110d2c1e68921202b82ed7a62b61
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=09527696751780249&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=09527696751780249&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TITANview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=09527696751780249&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 4a96bee70dfe382fe0e8bfa2831caebe
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TBview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0955488360369027&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TBview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0955488360369027&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb&obApiVersion=1.1&obtpVersion=1.8.2&name=TBview2&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0955488360369027&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:33 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: de7515e92e4f073c8c4f5063aabb3a4a
content-encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f6820afdc58d14732708bebdc6546e0f
47666326f06d94d05a880b55f6a4560221e83a18
94655c05e1d9909f7c235b90c3811742a469696543ab9cd3b3530247ea3312cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Last-Modified: Tue, 27 Sep 2022 00:55:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
app.monetizze.com.br/r/AVE11623520/?u=UR51634&undefined
23.36.79.43301 Moved Permanently 0 B URL HTTP/1.1 app.monetizze.com.br/r/AVE11623520/?u=UR51634&undefined
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/AVE11623520/?u=UR51634&undefined HTTP/1.1
Host: app.monetizze.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 0
Server: Apache
Location: https://thoraviril.blogspot.com/2020/11/titan-whitepage.html?mcr=AVE11623520
Access-Control-Allow-Origin: *
Expires: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 27 Sep 2022 00:55:34 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=ikf6olhkdg7c9ksktghqk0gut1; path=/; HttpOnly
mon_=%7B%22BmChWv2G%22%3A%22A0G3r3cyO%2BGZXg%3D%3D%22%7D; expires=Sun, 12-Jul-2296 00:55:33 GMT; path=/; samesite=none; domain=app.monetizze.com.br; secure; httponly
msc_last=eyJjb29raWUiOiJBMEczcjNjeU8rR1pYZz09IiwiZGF0YV90aW1lc3RhbXAiOiJCbVZYM0FWNUdEWUhcL2MwTlNnPT0iLCJhZmlsaWFkbyI6IkJtRnRIOWZzIn0%3D; expires=Wed, 27-Sep-2023 00:55:34 GMT; path=/; domain=app.monetizze.com.br; httponly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 00:41:09 GMT
expires: Tue, 27 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 865
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0252745841560305&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0252745841560305&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=0252745841560305&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:34 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 6747208f06ad88ed2314fbd0d13f6c29
content-encoding: gzip
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=6&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2
216.58.207.212200 OK 0 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=6&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2
IP 216.58.207.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=6&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
set-cookie: FPLC=PFQLdoU610xYO5Z17n3jA4NyVRWCES2%2BE5J7TqVrWRPmh1ViHKj1gOePANQPmqdB2QLqavVzSfb8XGKW7A%2B0GwBPSgDUM935U3LFndYm5E6OXNzz9ZHo1g4WHZ2B4w%3D%3D; Max-Age=72000; Domain=meiahora.info; Path=/; Secure
FPID=FPID2.2.LJ1uxGT8acoOyxzv0kSIrny9DqZIJbFyZNlRwnWoKGw%3D.1664240132; Max-Age=63072000; Domain=meiahora.info; Path=/; Secure; HttpOnly
x-cloud-trace-context: b5a9e2079b604c0385b12cc36d29afee
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html
server: Google Frontend
content-length: 0
expires: Tue, 27 Sep 2022 00:55:34 GMT
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/1484435/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=207&ssd=1&scd=100
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1484435/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=207&ssd=1&scd=100
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484435/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=207&ssd=1&scd=100 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.184687,VS0,VE81
x-vcl-time-ms: 81
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=033383985562109353&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=033383985562109353&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=033383985562109353&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:34 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: f5f006c9ca5dffde5596c1dd8d671a9f
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=06736153826465884&referrer=
64.202.112.63200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=06736153826465884&referrer=
IP 64.202.112.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=007bdabe63e1ee094eaa86824d2dc1890d,00f496e9180ddf221da6930df7df0842b4,00d7f59d941021185750ada220afe38bbb,009f1cb02f82d016c9fab95f116fb223a9,00aff6635c04697b69f1c9f863b4e9509b&obApiVersion=1.1&obtpVersion=1.8.2&name=titanVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&optOut=false&bust=06736153826465884&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:34 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 2fd1e99d81d7b5e8eb93b30b6cd675b5
content-encoding: gzip
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=7&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=scroll&epn.percent_scrolled=90&_et=16
216.58.207.212200 OK 0 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=7&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=scroll&epn.percent_scrolled=90&_et=16
IP 216.58.207.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=7&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=scroll&epn.percent_scrolled=90&_et=16 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
set-cookie: FPLC=vfgtuQTQRWitAzNA%2BN7MrUk4%2FxL7JmczkwOMSP15Vq9a3KSwxIVWRiucgK9fXpVq8zxgns%2FUC3ne1AxOfXc0%2F8h2YRPpRDnWs%2BoID39NMxEUdXuJ8MFNG%2FQbzuOcTg%3D%3D; Max-Age=72000; Domain=meiahora.info; Path=/; Secure
FPID=FPID2.2.LJ1uxGT8acoOyxzv0kSIrny9DqZIJbFyZNlRwnWoKGw%3D.1664240132; Max-Age=63072000; Domain=meiahora.info; Path=/; Secure; HttpOnly
x-cloud-trace-context: ffa494f46be4bbca9225928fc2630b38
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html
server: Google Frontend
content-length: 0
expires: Tue, 27 Sep 2022 00:55:34 GMT
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131682&cv=9&fst=1664240131682&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131682&cv=9&fst=1664240131682&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2272), with no line terminators
Hash 0fcb1de1cb25ab5bbdfd9379c6f7eb2c
54b5db79a5c459196e9f64993b3d8587ce3a4863
0136c528519377fc6be46975530e4ff9716a292abec809b6c5b37187c7a6ef3b
GET /pagead/viewthroughconversion/611304047/?random=1664240131682&cv=9&fst=1664240131682&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 01:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=2022884221&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&ul=en-us&de=UTF-8&dt=pre-fb%20%E2%80%93%20TV%20saude&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAAC~&jid=1580748499&gjid=2006641215&cid=1063106966.1664240132&tid=UA-134148284-2&_gid=871147250.1664240132&_r=1>m=2ou9l0&z=30935924
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=2022884221&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&ul=en-us&de=UTF-8&dt=pre-fb%20%E2%80%93%20TV%20saude&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAAC~&jid=1580748499&gjid=2006641215&cid=1063106966.1664240132&tid=UA-134148284-2&_gid=871147250.1664240132&_r=1>m=2ou9l0&z=30935924
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=2022884221&t=pageview&_s=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&ul=en-us&de=UTF-8&dt=pre-fb%20%E2%80%93%20TV%20saude&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAAC~&jid=1580748499&gjid=2006641215&cid=1063106966.1664240132&tid=UA-134148284-2&_gid=871147250.1664240132&_r=1>m=2ou9l0&z=30935924 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://portalsaude.meiahora.info
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=5&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3
216.58.207.212200 OK 0 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=5&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3
IP 216.58.207.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&_fplc=0&ir=1&_eu=S&_z=ccd.v9B&_s=5&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
set-cookie: FPLC=0npuSJE5BCoonFCLXOnWCTGW1TshxBjGGPMNw5hsSWHK6yRYLWX8hTaQ0%2FJj4Do%2B30C%2BRt4GmM4Jo6GUBQFwFGHS%2B2ymShzW%2FlGtHOZNyvmZ6Hk%2Fuy3maFxDyDZD8g%3D%3D; Max-Age=72000; Domain=meiahora.info; Path=/; Secure
FPID=FPID2.2.LJ1uxGT8acoOyxzv0kSIrny9DqZIJbFyZNlRwnWoKGw%3D.1664240132; Max-Age=63072000; Domain=meiahora.info; Path=/; Secure; HttpOnly
x-cloud-trace-context: f5f2467e13fa2076fec0418f2aa8e361
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html
server: Google Frontend
content-length: 0
expires: Tue, 27 Sep 2022 00:55:34 GMT
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&fmt=3&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&fmt=3&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&fmt=3&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 01:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=8&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=3
216.58.207.212200 OK 0 B URL HTTP/2 gtm-k95q3k3-yjy5y.uc.r.appspot.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=8&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=3
IP 216.58.207.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_fplc=0&_z=ccd.v9B&_s=8&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&epn.percent_scrolled=90&_et=3 HTTP/1.1
Host: gtm-k95q3k3-yjy5y.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
set-cookie: FPLC=45tjHD67%2FszKXrodeb4YneIUNWAJa11BKYp666sgpIRGG4idqvLV%2B2q1hb5bPQW%2B0lbK4zDYZ1hiAbAfF7FNVyqccmcsPAjc04%2BjE6EOjoICRsNXlZaEqce39tYkZg%3D%3D; Max-Age=72000; Domain=meiahora.info; Path=/; Secure
FPID=FPID2.2.LJ1uxGT8acoOyxzv0kSIrny9DqZIJbFyZNlRwnWoKGw%3D.1664240132; Max-Age=63072000; Domain=meiahora.info; Path=/; Secure; HttpOnly
x-cloud-trace-context: 6dac9db1d283b1f0a40c5bd61bf33521
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html
server: Google Frontend
content-length: 0
expires: Tue, 27 Sep 2022 00:55:34 GMT
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10849238487/?random=1664240131683&cv=9&fst=1664240131683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10849238487/?random=1664240131683&cv=9&fst=1664240131683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2276), with no line terminators
Hash 4531a646e01225d872c7f9c999663939
9da0f5f15decb6bf1138dc86afe66ec286224319
9744fa6e0611768291fa95533a2efa480a52aa3a04fccbf5527a07f53d3c5777
GET /pagead/viewthroughconversion/10849238487/?random=1664240131683&cv=9&fst=1664240131683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1045
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 01:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1664240131682&cv=9&fst=1664240131682&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1
216.58.211.2302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1664240131682&cv=9&fst=1664240131682&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/811775827/?random=1664240131682&cv=9&fst=1664240131682&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/811775827/?random=1664240131682&cv=9&fst=1664236800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&is_vtc=1&random=438776400&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 01:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&fmt=3&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&fmt=3&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&fmt=3&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 01:10:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 491ef9f5b864203724bf87d3ec231679
2108c58afb4379d045e8436394cd83170615c742
438540ffd5c10c010f159aea6246074984ed0e8b1d2c074df774181f8452d28f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1602039616667037&ev=PageView&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&rl=&if=false&ts=1664240131950&cd[page_title]=pre-fb&cd[post_type]=page&cd[post_id]=355&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=greenlime.xyz%2Fpre-fb%2F&sw=1280&sh=1024&v=2.9.84&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1664240131949.1135834151&it=1664240131550&coo=false&eid=zYeQDo3QOEv6TKFm7LfcUABq4CtOlNRX8ao7&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1602039616667037&ev=PageView&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&rl=&if=false&ts=1664240131950&cd[page_title]=pre-fb&cd[post_type]=page&cd[post_id]=355&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=greenlime.xyz%2Fpre-fb%2F&sw=1280&sh=1024&v=2.9.84&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1664240131949.1135834151&it=1664240131550&coo=false&eid=zYeQDo3QOEv6TKFm7LfcUABq4CtOlNRX8ao7&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1602039616667037&ev=PageView&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&rl=&if=false&ts=1664240131950&cd[page_title]=pre-fb&cd[post_type]=page&cd[post_id]=355&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=greenlime.xyz%2Fpre-fb%2F&sw=1280&sh=1024&v=2.9.84&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1664240131949.1135834151&it=1664240131550&coo=false&eid=zYeQDo3QOEv6TKFm7LfcUABq4CtOlNRX8ao7&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 00:55:34 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1063106966.1664240132>m=2oe9l0&aip=1&z=2092280248
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1063106966.1664240132>m=2oe9l0&aip=1&z=2092280248
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HH1GNL894H&cid=1063106966.1664240132>m=2oe9l0&aip=1&z=2092280248 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1664240131676&cv=9&fst=1664240131676&num=1&value=0&label=OQnUCNHTvdkBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc.taboola.com/1484442/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=737&ssd=1&scd=100
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1484442/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=737&ssd=1&scd=100
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484442/log/3/unip?en=view_content&tim=1664240131607&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=737&ssd=1&scd=100 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.302457,VS0,VE80
x-vcl-time-ms: 80
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1664240131683&cv=9&fst=1664240131683&num=1&value=0&label=xlvGCI2knNgBEO-Ev6MC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&auid=1015414107.1664240131&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/9obhjgx0my?ref=gtm2
13.107.213.53200 OK 1.6 kB URL HTTP/2 www.clarity.ms/tag/9obhjgx0my?ref=gtm2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1556), with no line terminators
Hash d0cbf764c175d0eb625707d70263c3c5
ebcb33bb5a4ca6ee12f037a893268eb6d0b57ef6
5ccc9cb170f65a6613d18c9258ce4f678bdbf2b936b2ca273446a16b7bab4095
GET /tag/9obhjgx0my?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1556
content-type: application/x-javascript
expires: -1
set-cookie: CLID=0364a6b437b949009fbdb62e68791352.20220927.20230927; expires=Wed, 27 Sep 2023 00:55:34 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0BkoyYwAAAAC6zWSwZNq0Q4mDUEmIo23TQU1TMDRFREdFMTkyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 27 Sep 2022 00:55:34 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/9rf6379oo9
13.107.213.53200 OK 1.9 kB URL HTTP/2 www.clarity.ms/tag/9rf6379oo9
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1878), with no line terminators
Hash 9d6bb37d352d546f649a0843984431f8
5f2e76505b887e39f4ab94fdf67365149a6ad797
b9f37f154e5df1d4edeb4d02a0b60b00c20ba4a90cdffd32f49632d1f114b4ba
GET /tag/9rf6379oo9 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1878
content-type: application/x-javascript
expires: -1
set-cookie: CLID=e3502ec1a73c4b4db486a1a956a748e8.20220927.20230927; expires=Wed, 27 Sep 2023 00:55:34 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0BkoyYwAAAAAijIrLNcSRQZLZxLk18S7yQU1TMDRFREdFMTkyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 27 Sep 2022 00:55:34 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&_gaz=1&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=1&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&_gaz=1&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=1&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&_gaz=1&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=1&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/1479452/trc/3/json?tim=1664240131806&data=%7B%22id%22%3A795%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1479452/trc/3/json?tim=1664240131806&data=%7B%22id%22%3A795%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (2412), with no line terminators
Hash 12e95c8aed91beef501bd9ca415b79fb
1dca020400a442d25be40e4cbcd6be7c76a01a67
6a3c3458e42cb4e6b68ffe9a01cfcd1f43fff6537ace6ee30f5b44df24f89232
GET /1479452/trc/3/json?tim=1664240131806&data=%7B%22id%22%3A795%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.178630,VS0,VE117
vary: Accept-Encoding
x-vcl-time-ms: 117
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=3&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=3&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=3&sid=1664240131&sct=1&seg=0&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=4&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=5
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=4&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=5
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_z=ccd.v9B&_s=4&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=TITAN_VIEW&_c=1&_et=5 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=2&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=2&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HH1GNL894H>m=2oe9l0&_p=2022884221&cid=1063106966.1664240132&ul=en-us&sr=1280x1024&ir=1&_eu=S&_z=ccd.v9B&_s=2&sid=1664240131&sct=1&seg=1&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&dt=pre-fb%20%E2%80%93%20TV%20saude&en=page_view&_et=3 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.taboola.com/1491668/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=746&ssd=1&scd=100
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1491668/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=746&ssd=1&scd=100
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491668/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=746&ssd=1&scd=100 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.315207,VS0,VE163
x-vcl-time-ms: 163
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-134148284-2&cid=1063106966.1664240132&jid=1580748499&gjid=2006641215&_gid=871147250.1664240132&_u=YCDACUAABAAAAC~&z=32357997
64.233.162.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-134148284-2&cid=1063106966.1664240132&jid=1580748499&gjid=2006641215&_gid=871147250.1664240132&_u=YCDACUAABAAAAC~&z=32357997
IP 64.233.162.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-134148284-2&cid=1063106966.1664240132&jid=1580748499&gjid=2006641215&_gid=871147250.1664240132&_u=YCDACUAABAAAAC~&z=32357997 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://portalsaude.meiahora.info
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5213
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:55:34 GMT
Connection: keep-alive
www.google.no/pagead/1p-user-list/611304047/?random=1664240131682&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=4265823809&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/611304047/?random=1664240131682&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=4265823809&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/611304047/?random=1664240131682&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=4265823809&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10849238487/?random=1664240131683&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=3961633400&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10849238487/?random=1664240131683&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=3961633400&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10849238487/?random=1664240131683&cv=9&fst=1664236800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tiba=pre-fb%20%E2%80%93%20TV%20saude&async=1&fmt=3&is_vtc=1&random=3961633400&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:55:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5213
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5213
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:55:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c9691e104001fe54d3c6273b7b8596
481ec2135ca0a96484c36cced30776c871aedf8f
f9e5e087d8b6e9b357c9f93b00c5919d89d90ac9b48d2dcd1ac72bf775a5cf49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5383
x-amzn-requestid: 9c49e638-4bc7-4283-b0fc-f488fd92bd2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7zT3HZ4oAMFVew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e327e-669996c326605d130e3099ac;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 22:26:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6O0O2Z791hRcK9j718v8_m4EGIJ62RFJqzG4AgvbD1-yqC6pJylRWg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:27:03 GMT
age: 5311
etag: "481ec2135ca0a96484c36cced30776c871aedf8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5213
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:55:34 GMT
Connection: keep-alive
trc.taboola.com/1484435/trc/3/json?tim=1664240131596&data=%7B%22id%22%3A335%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131595%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 9.1 kB URL HTTP/2 trc.taboola.com/1484435/trc/3/json?tim=1664240131596&data=%7B%22id%22%3A335%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131595%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash 28e7b169924099143d0126761d3efdf7
f14a1dfdc93a6ca0c6b442c20063bb3e78b8268a
991e57641bad8efb43446d702a04a34ac9a486f7d5f32a64706a1cf94ba26857
GET /1484435/trc/3/json?tim=1664240131596&data=%7B%22id%22%3A335%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131595%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.603403,VS0,VE119
vary: Accept-Encoding
x-vcl-time-ms: 119
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 11176
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5cPZZOqAPyLdASSDpGDdne0bUt_SswKXMjufitPEjmp6tG5XtYz5Ag==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:05:59 GMT
age: 10175
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 11014
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 11567
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trc.taboola.com/1479452/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=757&ssd=1&scd=100
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1479452/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=757&ssd=1&scd=100
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1479452/log/3/unip?en=view_content&tim=1664240131608&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F&tos=757&ssd=1&scd=100 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.468646,VS0,VE84
x-vcl-time-ms: 84
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.213.53200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54809)
Hash 1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23509
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d107429df470"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0BkoyYwAAAADs6n7/zvvITZ8YRP2TkGdTQU1TMDRFREdFMTkyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 27 Sep 2022 00:55:34 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&RedC=c.clarity.ms&MXFR=06DC9FE69F5F68A214E28DCA9B5F66AD
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=06DC9FE69F5F68A214E28DCA9B5F66AD; domain=.clarity.ms; expires=Sun, 22-Oct-2023 00:55:34 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 27 Sep 2022 00:55:34 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&RedC=c.clarity.ms&MXFR=06DC9FE69F5F68A214E28DCA9B5F66AD
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&RedC=c.clarity.ms&MXFR=06DC9FE69F5F68A214E28DCA9B5F66AD
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&RedC=c.clarity.ms&MXFR=06DC9FE69F5F68A214E28DCA9B5F66AD HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&MUID=030ADBA68D396FED1C8FC98A8CCC6E64
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=030ADBA68D396FED1C8FC98A8CCC6E64; domain=c.bing.com; expires=Sun, 22-Oct-2023 00:55:34 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC1B2FE7666D40DAA34556167AD197F9 Ref B: OSL30EDGE0209 Ref C: 2022-09-27T00:55:34Z
date: Tue, 27 Sep 2022 00:55:34 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&MUID=030ADBA68D396FED1C8FC98A8CCC6E64
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&MUID=030ADBA68D396FED1C8FC98A8CCC6E64
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=AB10903A54F240008196F637B3605F5D&MUID=030ADBA68D396FED1C8FC98A8CCC6E64 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 27-Sep-2022 01:05:34 GMT; path=/; SameSite=None; Secure;
date: Tue, 27 Sep 2022 00:55:34 GMT
content-length: 42
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/boleto.min.css?v=6.4.91
54.94.200.17200 OK 41 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/boleto.min.css?v=6.4.91
IP 54.94.200.17:0
Hash 05d5691e1c65ac202e7e70f6957652e5
bb35de4d9a65e509f26da132174bf1587a11f6fa
84eeea08687934ce525406a89c941f02dfa6b995be9fe02cb5077d930b8b7dc8
GET /checkout-public/one-checkout/common/css/boleto.min.css?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/css
content-length: 41
server: nginx
last-modified: Fri, 12 Jun 2020 14:37:20 GMT
etag: "5ee39320-29"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/images/secure_verde.svg
54.94.200.17200 OK 17 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/images/secure_verde.svg
IP 54.94.200.17:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 73a813d9a2cf0353542ffb204884da2b
ba446111cf8c6a02192080a89932e1545a3593c8
4019b0116440efbb2194d0f6de3f0df73d6cd0b05366589748b97f434e0164a5
GET /checkout-public/one-checkout/monetizze/images/secure_verde.svg HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: image/svg+xml
content-length: 17300
server: nginx
last-modified: Mon, 27 Jun 2022 19:07:55 GMT
etag: "62ba000b-4394"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
thoraviril.blogspot.com/2020/11/titan-whitepage.html?mcr=AVE11623520
142.250.74.161200 OK 16 kB URL HTTP/2 thoraviril.blogspot.com/2020/11/titan-whitepage.html?mcr=AVE11623520
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5019)
Hash 17aac472dc4ae0524e874fc47d788bf1
6a461183ee575dbb901383782b091322413ed34a
0c1bc61f457678cf8fe527bad97c09ea7afc6a7404da66a58c1e938d547e6a7e
Analyzer Verdict Alert fortinet Phishing
GET /2020/11/titan-whitepage.html?mcr=AVE11623520 HTTP/1.1
Host: thoraviril.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 27 Sep 2022 00:55:35 GMT
date: Tue, 27 Sep 2022 00:55:35 GMT
cache-control: private, max-age=0
last-modified: Mon, 18 Jul 2022 20:26:58 GMT
etag: W/"eae417d18ce3e3c0c565c5a10757afbe32f0501691b7a979b48491a3d3ef7037"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15717
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
loja.greenlime.xyz/titanblue-preco/
172.67.154.42403 Forbidden 956 B URL HTTP/2 loja.greenlime.xyz/titanblue-preco/
IP 172.67.154.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ea973ec1f743c5156e70d131f0d59152
9af0a0fd282d0ec071ccede315559003e28332d4
d75a8e1b4f334cf533e325adfe177c914b8764c6c0a13bdf13612c6d69ad7a1a
GET /titanblue-preco/ HTTP/1.1
Host: loja.greenlime.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 27 Sep 2022 00:55:33 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT%2FAE8T3OLJYvaHOGSRY6x4aFRd2AM373q%2F9E8rCY2V0e33vaZeGjW%2FetqPxLmMWSh8EzcBTSSeJdpiGvH5cLDobwexLG9BPzPXuL%2BIPbVq1YYAQ2Ap54hARNf6FZMOv6waBl8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75104643aa86b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
greenlime.xyz/wp-admin/admin-ajax.php
172.67.154.42403 Forbidden 473 B URL HTTP/2 greenlime.xyz/wp-admin/admin-ajax.php
IP 172.67.154.42:0
Hash c44d1e9ed764062a64e7420148da1a10
5c313166e74147e2d3969af9adabe17915d7d8ff
820f21235da12299b726dac185316de6cf771ce261bf4f826b47d0e6fcd6ccd2
OPTIONS /wp-admin/admin-ajax.php HTTP/1.1
Host: greenlime.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control
Referer: https://portalsaude.meiahora.info/
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 27 Sep 2022 00:55:33 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT%2FfsFg%2Bhot5PLK7DMhZoWHHWQktWM%2FabmhZ7SRIcATAOaIGdtqFSazZy11Q4dHuIEDF2pOv3ZYFkyasNWECIj0QS2OeHR1HA71XdwiIcPcE%2Bw8vRtt3mWhRe5D2hycZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75104643cf501bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.4.91
54.94.200.17200 OK 80 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.4.91
IP 54.94.200.17:0
File type ASCII text, with very long lines (65324)
Hash c91a06e3e0e02af05c09c2bc51db8186
e2c796e48fca830f24315d3b44a501550bd472ff
d6fd4a9c992e360c32d290bcbdd76970b4c7671f7e48ab66421e2f4a090e5396
GET /checkout-public/one-checkout/common/css/bootstrap.min.css?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/css
server: nginx
last-modified: Thu, 07 Jun 2018 19:31:15 GMT
etag: W/"5b198803-22682"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664240133174&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664240133174&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1479452/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664240133174&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:35 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/fontello.css?v=6.4.91
54.94.200.17200 OK 1.0 kB URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/fontello.css?v=6.4.91
IP 54.94.200.17:0
Hash fb87ae0dabf754ce566c4a74a8b1b03e
ccf7477f533e4bcd7cf54f7f8a898b7e078fc412
c5aede8afe0e97b7faa9e5fa2d00bb1ba621bc22b41ea7566905c9af33cf421e
GET /checkout-public/one-checkout/common/css/fontello.css?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/css
server: nginx
last-modified: Fri, 17 Aug 2018 18:15:47 GMT
etag: W/"5b7710d3-97c"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/animation.css?v=6.4.91
54.94.200.17200 OK 245 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/css/animation.css?v=6.4.91
IP 54.94.200.17:0
Hash f3ddec64a58617041ae1288ac3a8b952
78b9b69d904e4b3321a62e739cbedf88d0153e3d
cb55c07d06bb7736d73a103576fabc17403f04b8ae7b3e98643fa36cc733337a
GET /checkout-public/one-checkout/common/css/animation.css?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/css
server: nginx
last-modified: Thu, 07 Jun 2018 19:31:15 GMT
etag: W/"5b198803-741"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=3561
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=3561
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=74972&bid=undefined&aid=undefined&tp=3561 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:35 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 88e96faaea046f37c2bdcb7df24f1eb5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 208992
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Tue, 27 Sep 2022 00:55:34 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
142.250.74.163200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 00:55:35 GMT
expires: Tue, 27 Sep 2022 00:55:35 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2910)
Hash 0a2c034ef2a972a83080af6662335a09
1d0e0e6d11b01ce9c1bc8ece72ff2a977986b4a9
56508accc2f242fdc5da62c00334e62897f2cddc71addaa654d8affad228ba36
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 27 Sep 2022 00:55:35 GMT
expires: Tue, 27 Sep 2022 00:55:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11163493287752252102
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amostratitanb12x.appmax.com.br/one-checkout/check-price-pix
54.94.200.17403 Forbidden 577 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/check-price-pix
IP 54.94.200.17:0
Hash a0ce0b014db734a48727ecc2c3ffe85d
9d2e702dc2348f5997c225b50d738e2273b5ccb6
fa7e1d305cfe353565bc7d44eee72068207cc12d72209a707054f98442b787fb
POST /one-checkout/check-price-pix HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiMGJmNWIyNzY4MWNiY2NjNyIsInRyIjoiODE1NWQ4NjBkNDAwOTRkOGNhYmVhMGQxYmQzYzdkNWEiLCJ0aSI6MTY2NDI0MDEzNDA0OX19
traceparent: 00-8155d860d40094d8cabea0d1bd3c7d5a-0bf5b27681cbccc7-01
tracestate: 3226302@nr=0-1-3226302-982856186-0bf5b27681cbccc7----1664240134049
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: 4dNCKLSpMrsVIQfsrrQLVOVlDirjNCIElaR1ZBl9
Content-Type: application/json;charset=utf-8
Content-Length: 83
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 27 Sep 2022 00:55:36 GMT
content-type: application/json
server: nginx
cache-control: no-cache
set-cookie: laravel_session=eyJpdiI6ImFRQ2J4eXhYNDBPeG00T2RzOUs4QkE9PSIsInZhbHVlIjoiR3hhc0drTStISUdKV09CbG9xK21BWkVmSXoyYm04S2F4OXpNU256MVRUUXJcLytLUjA5VVlLUmxoYjVOdHp1bGROdXhhTWZtcThSdmNoXC83cmJ3d0Ixdz09IiwibWFjIjoiOWI5MjQ0MzVmMWFkYTZkNTBiZmMyMWJkMjM1MTI2MWFkMGU4NzY3MjE1YTVjMTM5MmJlZGYxOWYyZWIyZWEwMSJ9; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=thoraviril.blogspot.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=thoraviril.blogspot.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thoraviril.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 00:55:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=thoraviril.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=thoraviril.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thoraviril.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 00:55:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 73
x-timer: S1664240136.465928,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e3c3859de285a6fddde332097cece4d
2b4641a90700f3686534edc3df12b5f2c40222e5
65dc2931a7899d9c9c57695269b25f244ee00493abd385de0cc70345552a4209
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4401
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:36 GMT
Last-Modified: Mon, 26 Sep 2022 23:42:15 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23d19b3f71f6460e3d033f2516cbb30e
0eba190af730382c4ac0a433424a4c7a8c796064
b52695792218b549e210c8ce75ef9fca11319ed2ee82447817460bb7e7e87ae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:55:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 27 Sep 2022 00:55:36 GMT
expires: Tue, 27 Sep 2022 00:55:36 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 126813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/check-session
54.94.200.17403 Forbidden 177 B URL HTTP/2 amostratitanb12x.appmax.com.br/check-session
IP 54.94.200.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc7e32c38af413d89cd523e2e0eee6ca
3c4a7c3a444d3cc7adcae67986f275535d3bb826
af4a2e27bdeaf911169459571cf6ba084309f80fe98371c8f1e5f81eb8a434be
POST /check-session HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiMDdjNjA3M2U1NjBkYWI5MyIsInRyIjoiMDVkMTUxMGYwY2NkMDdkMTI5ZTcxYTI3NjU0NDJmYzkiLCJ0aSI6MTY2NDI0MDEzNDE2NH19
traceparent: 00-05d1510f0ccd07d129e71a2765442fc9-07c6073e560dab93-01
tracestate: 3226302@nr=0-1-3226302-982856186-07c6073e560dab93----1664240134164
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: 4dNCKLSpMrsVIQfsrrQLVOVlDirjNCIElaR1ZBl9
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 27 Sep 2022 00:55:36 GMT
content-type: application/json
server: nginx
cache-control: no-cache
set-cookie: laravel_session=eyJpdiI6IjRtTjU3ODlhNHNSWEdpOXpQcG13WFE9PSIsInZhbHVlIjoiYTcyc0d2ekJJZUlQa2lycnJRbzRRbVNHK1RQcVIzZTN2dlZscHpNUW9qdjBPbmkyMDg0Nzg2S01mNnd3S241Wmh4R2tPbHhFTUtwZU1lazZWSkxoSmc9PSIsIm1hYyI6ImFlMWNkNGM3Mzc1Mzc2NzVkNTkyMDdhNzM3YjAxZTQwN2EwMGYwZWNhZmFhYzE4NTVjMzIxMzE0Y2RiMDg1OWUifQ%3D%3D; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=861&ck=1&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=861&ck=1&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTBVZQlULCFUAVFBUCgISVRtAWEpRCg%3D%3D&rst=861&ck=1&ref=https://amostratitanb12x.appmax.com.br/pixel/page_checkout HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 199
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:37 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 751046579d89fabc-OSL
Access-Control-Allow-Origin: https://amostratitanb12x.appmax.com.br
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 432
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Tue, 27 Sep 2022 00:55:36 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=4596&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136183&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1479452/log/3/unip?en=pre_d_eng_tb&tos=4596&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136183&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1479452/log/3/unip?en=pre_d_eng_tb&tos=4596&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136183&vi=1664240131581&ri=cc2b95ed3688aa5d5d7f6dda15b10681&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=4597&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136185&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484435/log/3/unip?en=pre_d_eng_tb&tos=4597&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136185&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484435/log/3/unip?en=pre_d_eng_tb&tos=4597&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136185&vi=1664240131581&ri=59d07627a9208954937cded917add144&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484442/log/3/unip?en=pre_d_eng_tb&tos=4599&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136186&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484442/log/3/unip?en=pre_d_eng_tb&tos=4599&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136186&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484442/log/3/unip?en=pre_d_eng_tb&tos=4599&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136186&vi=1664240131581&ri=67458b4d5919015347a28c008951bfba&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=4600&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136188&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1491668/log/3/unip?en=pre_d_eng_tb&tos=4600&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136188&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1491668/log/3/unip?en=pre_d_eng_tb&tos=4600&scd=100&ssd=1&est=1664240131586&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664240136188&vi=1664240131581&ri=377f522856ff3312db06de2db919de80&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:55:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
dhl6xem5lrcqr.cloudfront.net/selfservice/248/5cd4912fee75f.png
54.230.245.223200 OK 698 kB URL HTTP/2 dhl6xem5lrcqr.cloudfront.net/selfservice/248/5cd4912fee75f.png
IP 54.230.245.223:0
File type PNG image data, 1077 x 740, 8-bit/color RGBA, non-interlaced\012- data
Size 698 kB (698345 bytes)
Hash 01811d2da776b8ebfe99f5b0f0bf6eb5
36bd2ee05ba79b1dcd0f7e45ee3071064c5b3cb5
a7c226bc76c524d968695e5c2319635110ca42f9e76dff38ce6d260b9bbf2ee1
GET /selfservice/248/5cd4912fee75f.png HTTP/1.1
Host: dhl6xem5lrcqr.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 698345
date: Tue, 27 Sep 2022 00:55:38 GMT
last-modified: Thu, 09 May 2019 20:44:33 GMT
etag: "01811d2da776b8ebfe99f5b0f0bf6eb5"
x-amz-version-id: nW0f5oE2z5n.lhdUSFqE93ZYNIYzvK8_
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d4cg2RlP3u6gL9hsNeBE7wi5tjY-OJNkmsDDYVnivGZByXvoG8T0rw==
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5470&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=269&be=1548&fe=5447&dc=2935&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664240131168,%22n%22:0,%22f%22:0,%22dn%22:14,%22dne%22:105,%22c%22:113,%22s%22:333,%22ce%22:776,%22rq%22:776,%22rp%22:1513,%22rpe%22:1516,%22dl%22:1524,%22di%22:2897,%22ds%22:2934,%22de%22:2934,%22dc%22:5447,%22l%22:5447,%22le%22:5451%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5470&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=269&be=1548&fe=5447&dc=2935&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664240131168,%22n%22:0,%22f%22:0,%22dn%22:14,%22dne%22:105,%22c%22:113,%22s%22:333,%22ce%22:776,%22rq%22:776,%22rp%22:1513,%22rpe%22:1516,%22dl%22:1524,%22di%22:2897,%22ds%22:2934,%22de%22:2934,%22dc%22:5447,%22l%22:5447,%22le%22:5451%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5470&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250&ap=269&be=1548&fe=5447&dc=2935&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664240131168,%22n%22:0,%22f%22:0,%22dn%22:14,%22dne%22:105,%22c%22:113,%22s%22:333,%22ce%22:776,%22rq%22:776,%22rp%22:1513,%22rpe%22:1516,%22dl%22:1524,%22di%22:2897,%22ds%22:2934,%22de%22:2934,%22dc%22:5447,%22l%22:5447,%22le%22:5451%7D,%22navigation%22:%7B%7D%7D&at=ShBVRAhCRR4%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:38 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7510466258cafabc-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=f4c462f54dc5025; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5640&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5640&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fa9b211374ada0557cd?a=982074503&v=1216.487a282&to=ZldWMkBYVhACBURfX18ddQVGUFcNTAVYU1NaXUESHFZWBg%3D%3D&rst=5640&ck=1&ref=https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1069
Origin: https://amostratitanb12x.appmax.com.br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:55:38 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7510466368fffabc-OSL
Access-Control-Allow-Origin: https://amostratitanb12x.appmax.com.br
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 318
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Tue, 27 Sep 2022 00:55:39 GMT
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/tracking-page-config
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/tracking-page-config
IP 54.94.200.17:0
GET /tracking-page-config HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiM2U3ZjFmNjM3ZDMxM2NlZiIsInRyIjoiNjdlZGFjZWJhNjg2N2U5ODBlOGRkZjcxMjdiOTcxNGYiLCJ0aSI6MTY2NDI0MDEzMzUwMn19
traceparent: 00-67edaceba6867e980e8ddf7127b9714f-3e7f1f637d313cef-01
tracestate: 3226302@nr=0-1-3226302-982856186-3e7f1f637d313cef----1664240133502
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:35 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkJFQ05VK012dDBLV2t4NWlzZG9ZeFE9PSIsInZhbHVlIjoiVFR6NzJjWTBIK1V0bFwvM29pbjE5b2VnSmU5RVRHcllKWTh5azJwN0NyeVRyTm9ZbHFrdmw5QXcrQmdKTUlqclpjeExKWk95Tzlkc29JOW5FQnlGNktRPT0iLCJtYWMiOiI2ZWEyN2FjZTdmMzZiODdhZjUwNzI1ZjdjMWQwOTExZTIzMDAzMDZmNDk0OWU5M2NhNTM1NzlkZjQ2MzhhNWI2In0%3D; expires=Tue, 27-Sep-2022 02:55:35 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6ImJmdUVUM3c5Yit1T0drZUtcL3RnQ1wvUT09IiwidmFsdWUiOiJHSlVXMkhPM1V1NHVMRDRoSGJ6UTlGTG1Jc2RoRnh6K0t1T3VkWTdlS2RnQ05WV1ptT2pcL0V6VHloZW0wVWJtOFUrWlQ3cHBWeUFYOTNpTEl3NXRwdkE9PSIsIm1hYyI6ImE2Mjg4Zjk0MmIxNmNhNmU4MDY1OWM0MzM4NWRiN2Y4NDkzMTQ2MjUzMWQyNjc2YjgwYmJlZjg0Y2ZhZWFmMTIifQ%3D%3D; expires=Tue, 27-Sep-2022 02:55:35 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:35 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:35 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%5B%5D; expires=Wed, 28-Sep-2022 00:55:35 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Wed, 28-Sep-2022 00:55:35 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/1491668/trc/3/json?tim=1664240131816&data=%7B%22id%22%3A136%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131608%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A20%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1491668/trc/3/json?tim=1664240131816&data=%7B%22id%22%3A136%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131608%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A20%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1491668/trc/3/json?tim=1664240131816&data=%7B%22id%22%3A136%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback3%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131608%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A20%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.178605,VS0,VE109
vary: Accept-Encoding
x-vcl-time-ms: 109
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/vendor.min.js?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/vendor.min.js?v=6.4.91
IP 54.94.200.17:0
GET /checkout-public/one-checkout/common/js/vendor.min.js?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 11 Feb 2020 13:47:28 GMT
etag: W/"5e42b070-4289e"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/functions.min.js?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/common/js/functions.min.js?v=6.4.91
IP 54.94.200.17:0
GET /checkout-public/one-checkout/common/js/functions.min.js?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 13 Sep 2022 19:39:55 GMT
etag: W/"6320dc8b-a0cd"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/res/985114213-strm_compiled.js
142.250.74.105200 OK 0 B URL HTTP/2 resources.blogblog.com/blogblog/data/res/985114213-strm_compiled.js
IP 142.250.74.105:0
GET /blogblog/data/res/985114213-strm_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:45:30 GMT
expires: Sun, 02 Oct 2022 08:45:30 GMT
cache-control: public, max-age=604800
last-modified: Sun, 25 Sep 2022 07:50:58 GMT
content-type: text/javascript
age: 144605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/tracking/tracking.min.js?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/tracking/tracking.min.js?v=6.4.91
IP 54.94.200.17:0
GET /checkout-public/tracking/tracking.min.js?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Wed, 10 Nov 2021 13:37:41 GMT
etag: W/"618bcb25-422da"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/assets/js/checkout.min.js?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/assets/js/checkout.min.js?v=6.4.91
IP 54.94.200.17:0
GET /assets/js/checkout.min.js?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Mon, 06 Jun 2022 23:06:52 GMT
etag: W/"629e888c-13e415"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=74972
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=74972
IP 139.45.197.240:0
GET /fv.js?t=74972 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:55:33 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a1e9c4b9ec6258dfb98acf5e53628ad5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
koruvital.com/whitepage/titanblue/
104.21.78.215200 OK 0 B URL HTTP/2 koruvital.com/whitepage/titanblue/
IP 104.21.78.215:0
GET /whitepage/titanblue/ HTTP/1.1
Host: koruvital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 23:52:27 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z00TYQf2Hv1pTRq6tmCejicIntbPhnE0HqUgDLwNGxj%2F5AwOpkpCB%2Fn%2BVyXmSNbIDvQN4wXOtN0fAwrcIEezfC0aTqujNzHEzAmBgM3XzAEARNivKj8hAdnrzGQByDie"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751046453bc8fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1484442/trc/3/json?tim=1664240131796&data=%7B%22id%22%3A541%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1484442/trc/3/json?tim=1664240131796&data=%7B%22id%22%3A541%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1484442/trc/3/json?tim=1664240131796&data=%7B%22id%22%3A541%2C%22ii%22%3A%22%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664240131581%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2Findex.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta1-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664240131607%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Ftb12%2Fprop%2Festimulante%2F%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 00:55:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664240134.178373,VS0,VE99
vary: Accept-Encoding
x-vcl-time-ms: 99
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
IP 54.94.200.17:0
GET /one-checkout/ocmtb/2250?src=app&undefined HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ikg2OTg5NFB2OUp1WWRNZzk5T2piTEE9PSIsInZhbHVlIjoieCttK1hVMFFOT3JqUnQ3amZqcjNIaWpCQkNNYWJTSDFcL1VGMFN0YVFIQUx0ZG9oWTQ3blRMbUdkcjZ1YXNuM1FrT3Z1NVNlQWFPeDluSENNQ0NzRkNnPT0iLCJtYWMiOiIxYmRlZjAwODIyY2RjYWI3MDdhNjNjNGI3ODFmNzYzODU1OTRjNjJiNjkzNDdkNzE5YzAwMGUyMzQ4YjU3Yzg5In0%3D; expires=Tue, 27-Sep-2022 02:55:34 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IngwQmI3ekNxdGl1UlhhS2FTSVY5dVE9PSIsInZhbHVlIjoiM215bWxsZVFsbXpLS1Y1ZHY0bXpXQ2U0S1hkZ0FRajBpZUVKckNXMEtOTFVHTEI1bDRIU2NJdDNoY3QwSCtDVGY2ZThKQ0p2U29pYnlmVFp3TUdZR0E9PSIsIm1hYyI6ImM3NjkzZDBlYjIyN2U5NzIxOWYyZjlkNWZiMGE4MGVkM2NiZDc2M2MwMTgzNGI5MzYzZDE1NjI1YWQyNzZkMDgifQ%3D%3D; expires=Tue, 27-Sep-2022 02:55:34 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Fportalsaude.meiahora.info%5C%2F%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22src%22%3A%22app%22%2C%22undefined%22%3A%22%22%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_pixel_api_identifier=eyJpdiI6ImtaeTVZN1kyY1dyTElsOW1qQlBxNXc9PSIsInZhbHVlIjoiSE5HQmV6QkU3dHhVWFVrOXRsN2k3cGxoVzc1bjF0bHRtYVpKeDU5V2FTNDNVcHZQd1FEd3JyZ01FWStDUmdsTiIsIm1hYyI6IjE0ZDFjY2JhNThhZWM2N2ZjNjFmNjdmMTA1MzZiZjFhZmM4NTVhOTU0YjRkNTc3YzNkNDU2Zjk5YmMzN2Q1YWUifQ%3D%3D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
portalsaude.meiahora.info/tb12/prop/estimulante
172.67.135.173301 Moved Permanently 0 B URL HTTP/2 portalsaude.meiahora.info/tb12/prop/estimulante
IP 172.67.135.173:0
GET /tb12/prop/estimulante HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 27 Sep 2022 00:55:32 GMT
content-type: text/html; charset=iso-8859-1
location: https://portalsaude.meiahora.info/tb12/prop/estimulante/
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO6PSxhcBHHYIYZ%2Fa7RS%2BkGnaGeuq7KoEPflVdHldlp9dZMd8780yVo5g5fF0WHQQRfrDc%2BTUZ%2BaLCeWXRHxZW5RQDOzFwXNrwEVuxtyCqZZITu7%2FeBqs7hc6GBdMPJrUXzKZ9u4mlea9yWt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7510463b3a5db4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/check-needs-captcha?_=1664240133241
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/check-needs-captcha?_=1664240133241
IP 54.94.200.17:0
GET /check-needs-captcha?_=1664240133241 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiOTNlZWNjY2Q0MTdkOTRkNyIsInRyIjoiZGNiODUwOTEwOWY0ZWMzMTE4MGM4MTk5MTE4YWY2MDUiLCJ0aSI6MTY2NDI0MDEzNDEyNH19
traceparent: 00-dcb8509109f4ec31180c8199118af605-93eecccd417d94d7-01
tracestate: 3226302@nr=0-1-3226302-982856186-93eecccd417d94d7----1664240134124
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-CSRF-TOKEN: 4dNCKLSpMrsVIQfsrrQLVOVlDirjNCIElaR1ZBl9
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:36 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Iit2Ym1jNWNNS1ArMkJUTXhmMnhMeVE9PSIsInZhbHVlIjoidTBUUDQybHhcL3BiUXhVQWE2czlMSnV5a1RzOWg0a0FNXC9VMlJcL1lsekV3R1RYWnN6YXQ3YVcwdjlWbnJOUEN0bHZTUzI1YlpvZ0txalpKc3k5SWh2Rnc9PSIsIm1hYyI6ImVlMGI2MTYyNWQyYTI5MzBjZjhiY2QzMDE3ZTVlOTA1N2VkODlhZmM1NGZmNGY3Yjg0ZWVmNTBhODRhNWRkOGYifQ%3D%3D; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6InpoVFVYSjVSbWdZQXNmWWdzR2J3a3c9PSIsInZhbHVlIjoiTXVIXC92Smh3Z01hdUJtVEFuUnZkbmVLc2QxUlRhVkJkSzlvQUVmUW1GTFBYdUV1cTZkSnFlZUY3WnBTS2xXR1dqcHpzZlVtcHBHa1hBazN1UWw4ZWNnPT0iLCJtYWMiOiJjMTFmY2ZiOGQxMGFiMmRkYWI3ODc4YjY3NWFkN2FhNjhkNTEwMDA5YTg0MTVlNzRjMmM4ODgwMzlkMDg4NTVjIn0%3D; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22_%22%3A%221664240133241%22%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.4.91
IP 54.94.200.17:0
GET /checkout-public/one-checkout/monetizze/js/discount.coupon.min.js?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Fri, 01 Apr 2022 14:26:41 GMT
etag: W/"62470ba1-13af"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.4.91
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.4.91
IP 54.94.200.17:0
GET /checkout-public/one-checkout/monetizze/css/styles.min.css?v=6.4.91 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/css
server: nginx
last-modified: Fri, 09 Jul 2021 14:23:19 GMT
etag: W/"60e85bd7-a86"
expires: Thu, 27 Oct 2022 00:55:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
portalsaude.meiahora.info/tb12/prop/estimulante/
172.67.135.173200 OK 0 B URL HTTP/2 portalsaude.meiahora.info/tb12/prop/estimulante/
IP 172.67.135.173:0
GET /tb12/prop/estimulante/ HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 00:55:24 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8CskovPSUu1L%2B1XcaS1TZ9HyIUg1n%2BVqbKKlHmoRe1n96PaDqxlCCPaxRYmEz%2B%2F%2FfLSze2aOIEsUZjcLNTT11Pvguvv3OMOMz%2F4iVMMot%2BFdhQJRvcAHIgFTg%2F2l1yb%2Bc6ffGjtqUQZnxSN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7510463bfab2b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/order/get-image-path/2250
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/order/get-image-path/2250
IP 54.94.200.17:0
GET /order/get-image-path/2250 HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiYzVlZjIyMzQ5ZDFmZTdhNCIsInRyIjoiMzFjNDg0MWY5M2ZhYmE2YjhhZTQ1MzE5YjI5NWQ5MzAiLCJ0aSI6MTY2NDI0MDEzNDA0N319
traceparent: 00-31c4841f93faba6b8ae45319b295d930-c5ef22349d1fe7a4-01
tracestate: 3226302@nr=0-1-3226302-982856186-c5ef22349d1fe7a4----1664240134047
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: 4dNCKLSpMrsVIQfsrrQLVOVlDirjNCIElaR1ZBl9
Connection: keep-alive
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:36 GMT
content-type: application/json
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6ImRSMFBBQXRUeU9UYktha1NiU3lrcXc9PSIsInZhbHVlIjoiUUJNNFVzaDZJZEMxMzROUHR1RlRYS0tWbnhmenNcL2dycWxjUE9DWE1kZG1ic29TdHU5WHlRbkliZ3hzXC9JZG5LeG1BbWUwUW1iaHhRWk1QZ2ZHeWxTdz09IiwibWFjIjoiOTEzMjNhZjZkNjg1MTQ3OWVmNDBkZjc4YWI1Mzk3MTVkN2Y3YzFmNTVkYjZlZjNmM2VhZTBhNTgyNDg2ODExZiJ9; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6ImxBdHZrXC9pY3lOYkVMYzZBOWRmR3lBPT0iLCJ2YWx1ZSI6ImFDTEwwcnoyaFQ3SSs4V2VGXC9Va3JFaEticWdpMlJHdHFGOVUrakpvTXR2OFgwN1M2Rk9GbWRncUN3THhPME5wSlM4ZHpcL3c1eWRGY2xRaHlvNVQ3c0E9PSIsIm1hYyI6ImQ4MDBjNmM5NTAxYjRkYzllNTFlZjY0OTFhN2FhODVhZmEyZTdmNjk4NTMxN2FjOTk1ZWQzMWE0OTJjNjVmOWUifQ%3D%3D; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%5B%5D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
54.94.200.17200 OK 0 B URL HTTP/2 amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
IP 54.94.200.17:0
GET /one-checkout/ocmtb/2250?src=app&undefined HTTP/1.1
Host: amostratitanb12x.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwQFV1VTChAJXFNSAAUCVlc=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjYzMDIiLCJhcCI6Ijk4Mjg1NjE4NiIsImlkIjoiNzBiMTM3NDRiY2RiMTNiNCIsInRyIjoiODYzMTRhYzdlMjA5ODZkNzQ3NjI2Mjk2M2E1ODZiN2YiLCJ0aSI6MTY2NDI0MDEzNDE0M319
traceparent: 00-86314ac7e20986d7476262963a586b7f-70b13744bcdb13b4-01
tracestate: 3226302@nr=0-1-3226302-982856186-70b13744bcdb13b4----1664240134143
X-CSRF-TOKEN: 4dNCKLSpMrsVIQfsrrQLVOVlDirjNCIElaR1ZBl9
X-Requested-With: XMLHttpRequest
Referer: https://amostratitanb12x.appmax.com.br/one-checkout/ocmtb/2250?src=app&undefined
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:55:36 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Im5tTGVEMTVSam5xRXFVVjV2TVFPS2c9PSIsInZhbHVlIjoicnRZTnNcL2E5cm9WWTdPVDI4eThtcEFyRTlzRjdBREM0TkorVW11bTY1dVo3bGhMSTFkajdySkRiZFBEaTlFVzBrNDdQQUsremRcL1ptUG9lZTRrMnF3UT09IiwibWFjIjoiMDQxMzBhYTNjZmE1N2RhYzMwZTJjNWUwYzBjOTYwMzQ1OTBkZjExODNmMjBiZWYyZTg5NmY3YjU3OWM5ZTgwMyJ9; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6IlRyWmFPVUk3VTErSWE5SlNWOWxEVlE9PSIsInZhbHVlIjoiR2dpOTVxMXZIUWt2Wk9SdktPTWcrcEdyeHdxUm43THRnY3JGaHNiTXZNNU8wMGpxU0VRK0l5YXVJY1htRDRFeTBqY2hPVm1mZWZEdTIrTlwveXF4MlNRPT0iLCJtYWMiOiI4OTEwYTlhZTFlNzBjNGU0YmZhZjM0OWJkYTgxYjMwMjg1MmRhYTJjYTRmMzg5MjMxNzZkNzVjODllZjRhYWU2In0%3D; expires=Tue, 27-Sep-2022 02:55:36 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Famostratitanb12x.appmax.com.br%5C%2Fone-checkout%5C%2Focmtb%5C%2F2250%3Fsrc%3Dapp%26undefined%22%2C%22st%22%3Afalse%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22src%22%3A%22app%22%2C%22undefined%22%3A%22%22%7D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%5D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_pixel_api_identifier=eyJpdiI6Im0xd3V1SGJVZTVzbXpyQld5TWxMT3c9PSIsInZhbHVlIjoiY0JrN2JwdmF6SCs5dXB5Z2FUV0duanZPeEx4bkREQjFsT0R1bjltSFFjTEozWHRvQTJ6b1NEeXFIQkhcL08yd2YiLCJtYWMiOiJhNzM4NTI3MzgyN2JlZjE1NzZjZTBjMmI1ZTY0ZGMwNjIzZDdhMTMyMDZmZjJjZDhiMjVhYTA3YzA1NWYxYjg1In0%3D; expires=Wed, 28-Sep-2022 00:55:36 GMT; Max-Age=86400; path=/; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
titanblue.appmax.com.br/st?r=b1d8a2cb&undefined
54.94.200.17302 Found 0 B URL HTTP/2 titanblue.appmax.com.br/st?r=b1d8a2cb&undefined
IP 54.94.200.17:0
GET /st?r=b1d8a2cb&undefined HTTP/1.1
Host: titanblue.appmax.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 00:55:34 GMT
content-type: text/html; charset=UTF-8
location: https://titanblue12x.com/tb12/pixel/whitepage/check.gif
server: nginx
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkxBY0QrMmN1WTNxZWQ4REVFaEo3Nmc9PSIsInZhbHVlIjoic3JURFV6ZnVRWk9EdjZQZ0YrXC9PT1BnWlFCczBOTDN6UHNkRVlPdnlVSWFHUW40UTVCV1N4TnVJYUp4MnllUTAzQU5VWnV1RHc4cUVxc0hcLzJrVDJLQT09IiwibWFjIjoiY2RmMzM4YzliMzFmMDNlY2E2NzY4NGFlYmQ3NGRkODRhOWM4ZDc1Y2JiNjZlZWYxMzdiNGY2MGQxNDAwMGM2OSJ9; expires=Tue, 27-Sep-2022 02:55:34 GMT; Max-Age=7200; path=/; secure; HttpOnly
laravel_session=eyJpdiI6Inh6UCtXbktYXC9nUU9iVmdYTm40cmhnPT0iLCJ2YWx1ZSI6Im56SytvYXJnR0lra2JRWmlkckx6M0kzZkg2bjl1UDdrQUNGRU1IUjV0aVBIZVdvekZWbzcyMThhMmYrZExEdlBwV2s0RWNIWTM3UkYrZmppSGZYcWtBPT0iLCJtYWMiOiI4OGUxNjkxNWVkNjg1NDk0NmE5ZjEyYTcyMTYyMjI0OGFiZjI2YWY5NDkyOTE5ZTU3MTI5YjY5MGRiNzhmNzcyIn0%3D; expires=Tue, 27-Sep-2022 02:55:34 GMT; Max-Age=7200; path=/; secure; HttpOnly
appmax_tracking=%7B%22visitor_id%22%3A%22c11170dca089cc3d7eb6d01a7f1a1068%22%2C%22referrer%22%3A%22https%3A%5C%2F%5C%2Fportalsaude.meiahora.info%5C%2F%22%2C%22st%22%3Atrue%2C%22click_config%22%3A%22first_click%22%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_custom_vars=%7B%22custom_var_k1%22%3A%22a%22%2C%22custom_var_v1%22%3Anull%2C%22custom_var_k2%22%3A%22pubid%22%2C%22custom_var_v2%22%3Anull%2C%22custom_var_k3%22%3A%22s1%22%2C%22custom_var_v3%22%3Anull%2C%22custom_var_k4%22%3A%22s2%22%2C%22custom_var_v4%22%3Anull%2C%22custom_var_k5%22%3A%22s3%22%2C%22custom_var_v5%22%3Anull%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_variables=%7B%22r%22%3A%22b1d8a2cb%22%2C%22undefined%22%3A%22%22%7D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
appmax_tracking_pages=%5B%7B%22full_url%22%3A%22https%3A%5C%2F%5C%2Ftitanblue.appmax.com.br%5C%2Fst%3Fr%3Db1d8a2cb%26undefined%22%7D%2C%7B%22full_url%22%3A%22https%3A%5C%2F%5C%2Ftitanblue12x.com%5C%2Ftb12%5C%2Fpixel%5C%2Fwhitepage%5C%2Fcheck.gif%22%7D%5D; expires=Wed, 28-Sep-2022 00:55:34 GMT; Max-Age=86400; path=/; secure; HttpOnly
X-Firefox-Spdy: h2
produto.mercadolivre.com.br/MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM
54.230.111.68200 OK 0 B URL HTTP/2 produto.mercadolivre.com.br/MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM
IP 54.230.111.68:0
GET /MLB-1854598237-kit-com-03-titan-blue12x-100-natural-site-oficial-premium-_JM HTTP/1.1
Host: produto.mercadolivre.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 00:55:34 GMT
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=31536000
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
set-cookie: _d2id=3ae1fdee-5e54-4575-9277-64d19ef00057-n; Path=/; Domain=.mercadolivre.com.br; Expires=Wed, 27 Sep 2023 00:55:34 GMT
_csrf=tiTBxUI8oxnslmvK6oX0_uyu; Path=/; HttpOnly; Secure
navigation_items=MLB1854598237%7C27092022005534; Domain=.mercadolivre.com.br; Path=/; Secure; SameSite=None
c_ui-navigation=5.19.5; Domain=produto.mercadolivre.com.br; Path=/; Expires=Thu, 27 Oct 2022 00:55:34 GMT; HttpOnly; Secure; SameSite=None
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
x-navigation-version: layout-4.10.0
etag: W/"4e9fe-1ypnhnU7n1xvzhgC7msQ5lHOc4s"
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 182
x-envoy-decorator-operation: bots.vpp-frontend.melifrontends.com
x-request-id: 3ae1fdee-5e54-4575-9277-64d19ef00057
x-request-device-id: 3ae1fdee-5e54-4575-9277-64d19ef00057
x-d2id: 3ae1fdee-5e54-4575-9277-64d19ef00057
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ghYe32veTcw0PpKFSE2he5us3DjsvUMK3Ip9jlj0kdIq7x70c9ZEgQ==
X-Firefox-Spdy: h2