portalsaude.meiahora.info/raza/prop/prosseguir/
301 Moved Permanently 0 B URL HTTP/1.1 portalsaude.meiahora.info/raza/prop/prosseguir/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /raza/prop/prosseguir/ HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 14:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 15:54:16 GMT
Location: https://portalsaude.meiahora.info/raza/prop/prosseguir/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6VFKnYZxBWY4Hwxv7VoDxX6mELvKH1Eh4mvipQiwc4rWMIlpTMicq%2FvtK9lKU7J4UOBV8rYNYjfUabDCzrINCwAHzQ2oucVsa8XL3u%2FFYSpsYkLQ%2BhmyUYnD%2FAn%2Fs%2FH%2BPP5FXmkyfINoZKB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791b0ab61b6bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11685
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 14:54:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7779
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 14:54:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 14:35:43 GMT
content-type: application/json
age: 1113
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Mon, 30 Jan 2023 16:49:37 GMT
Date: Mon, 30 Jan 2023 14:54:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kB58TRoc0mo3V+IBgGm43+uRW1uaD9JvhiFRk7U4QkivErwEBRoxoqUL17bmFFd3gkRkFTc/c3M=
x-amz-request-id: MGFY7HP6C83EA7MQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 14:50:46 GMT
age: 210
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 14:54:16 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 14:49:04 GMT
age: 312
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 310815bcbff2b82810ba77519176a3f2
4d255320cd69d96b4e4f4ef81a99374b20f919c9
883eb725624a03114236d06319a50994c901fc24616286b90d53fe9f26b4308e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:16 GMT
Server: ECS (amb/6B98)
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21140, version 1.0\012- data
Hash cbd267bc765067b15567aa3d0d617794
f7dd8c99d6e561c0d29060d95711102d2419cc32
18efe70c0ef13ab8ccac687d4cfd1a56e6acc691ec1bd7f242127e5cc0d6afd2
GET /s/mukta/v13/iJWHBXyXfDDVXbFqj2md8WA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 21:07:54 GMT
expires: Wed, 24 Jan 2024 21:07:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:49:36 GMT
content-type: font/woff2
age: 495982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21288, version 1.0\012- data
Hash eab39466c05fbfa06f2d5955c4f0afbc
b0680d4a7e6836048a610116c95198d88377d40c
9a3f8eb676ca0c654a8edea4aacd4a1339340dcd7540335abac4463cc78580a6
GET /s/mukta/v13/iJWHBXyXfDDVXbEeiWmd8WA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 00:48:53 GMT
expires: Thu, 25 Jan 2024 00:48:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:35 GMT
content-type: font/woff2
age: 482723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
Hash cd2b10ebaf21ef60ae5f103e896a71a2
f1cc47d620ccedc63311f916fb4d6269a8b04997
ae11ba87f88c7748374dffb78cc6eed2d9c020dc384ccabc2c4a9160a887b97e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 1.2 kB IP
Hash 5364d0262912a12f48f752736f733281
20714348760683b382d9d7626c1adaede641ac6b
61ecff05f074045eaa5e3fa9466d9525ff01e3a3e5ddfc2a4916ad2ee577ba8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 08:20:01 GMT
Expires: Sun, 05 Feb 2023 08:20:00 GMT
Etag: "f81ee1d4a647472c2f1d0e6c51c3339dec723908"
Cache-Control: max-age=494142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791b0abc6fb00b65-OSL
ocsp.digicert.com/
200 OK 43 kB IP
Hash 8c6450251fd77316900f516b1e571223
c876d839135fae4e1152873b1b04c1a1e00be7e1
d7a9ccf93789b6c21fe84e0f45a93c334b351821c98f7be8f50b77404bb54fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Last-Modified: Mon, 30 Jan 2023 14:54:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6552
Expires: Mon, 30 Jan 2023 16:43:29 GMT
Date: Mon, 30 Jan 2023 14:54:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 7.3 kB IP
Hash 965cf103c0d793f6b03d5145ecaf9e34
35cc4278d0de29bc3b86d05c6931cd8a057ae6d1
f20dd9715639128d2e9ba0da8933d451c21777144b7095184127d3f35768f029
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KD5J36D
200 OK 87 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KD5J36D
IP
File type ASCII text, with very long lines (59616)
Hash fb9f91a556798b931951f41f8ea9cc43
fc10994bf93987dd3021fe92acd6e091ea15d994
645cd710e43d0bd2aeb7d71f44565c2141604232831eec68145e3c55bf7337b5
GET /gtm.js?id=GTM-KD5J36D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 14:54:17 GMT
expires: Mon, 30 Jan 2023 14:54:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xead9xmHNRT/VtkiFUJiuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3p7N3WaAuscFTB3nA3h5wM16YuU=
checkout.razagan.com/pixel.php?
200 OK 1.2 kB URL HTTP/2 checkout.razagan.com/pixel.php?
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1x1, components 3\012- data
Hash 5d5b0ad8d4050dbf5585ddec7fe7e336
bf7501806c1cd91a6d464e690606e132caaadab0
beff2a54b466a44bbda13e2ea8ec0fb3c9c75c7b84da97db3c3e656c63aad128
GET /pixel.php? HTTP/1.1
Host: checkout.razagan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:54:17 GMT
content-type: image/jpg
last-modified: Mon, 30 Jan 2023 13:26:19 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUfRTqL3hJNyTRkYa6FmNFPbI5qMnoZYkfgxgFyK3aZ3lNUOF49%2FLKV8YasX4X%2F%2FHCSTZThCI6zpLpPz87xn2EgRMODLAKyNtQU4bzdiw6W7znTVLFeQSBu1Eshnnyr7ZNsUIqe%2FXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791b0abbfee1b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 15:09:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f536b668e57fbc75c741e46ec9520d5d
cd0fd188d2d52254cb9971f855f59aaf31b84244
54229b773e7ed7aad984653813df88623eeebf15fa67c07dbc6531d376b8ae00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54229B773E7ED7AAD984653813DF88623EEEBF15FA67C07DBC6531D376B8AE00"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8445
Expires: Mon, 30 Jan 2023 17:15:02 GMT
Date: Mon, 30 Jan 2023 14:54:17 GMT
Connection: keep-alive
www.google.com/pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (17737), with no line terminators
Hash 69ccf6d91702cd65dedfbad36e94c61b
adce8bd55dcc466c709dc96e230cbdd72fb27645
9a5b793c3b453c30229658bebe68719aa0df37a71ef371a6c6117e123b091e64
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 30 Jan 2023 15:14:17 GMT
Date: Mon, 30 Jan 2023 14:54:17 GMT
Content-Length: 5884
Connection: keep-alive
www.google.com/pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 15:09:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1675090469996&cv=11&fst=1675090469996&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=1827149727.1675090470&rfmt=3&fmt=4
200 OK 895 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/611304047/?random=1675090469996&cv=11&fst=1675090469996&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=1827149727.1675090470&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1887), with no line terminators
Hash e04ae4dd3d3d2e5fd55b5ea44af854ae
e739603d80ba3052d7fd615b76a9e5ca1ee7c27b
0053ac206d43268a25acf24f8aca3e01c17d74e9c02b216667019f5a1f9a9c00
GET /pagead/viewthroughconversion/611304047/?random=1675090469996&cv=11&fst=1675090469996&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&auid=1827149727.1675090470&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 895
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 15:09:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 15:09:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vctx?t=74972
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=74972
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=74972 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:17 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 46def5311116babd97793a2c1dd5f94e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8af22d99c696243b808bd8119f29030a
4cafa5f8ad7e6ea26178e9853aa23788d1dbb9e6
cba398d4813a75e01d7ee9d018617a3c66cd76208b8b13a91782bf56d5784c03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 360e7b43e5611d92851017929afd0c11
c7818cbf6e609a5db3f11f80998a237d532ec7a5
d49060e8ed16980247c6ebcb0b07ec67e7bca20c84ab9e8f6976b9a3b6e5c188
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8af22d99c696243b808bd8119f29030a
4cafa5f8ad7e6ea26178e9853aa23788d1dbb9e6
cba398d4813a75e01d7ee9d018617a3c66cd76208b8b13a91782bf56d5784c03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 360e7b43e5611d92851017929afd0c11
c7818cbf6e609a5db3f11f80998a237d532ec7a5
d49060e8ed16980247c6ebcb0b07ec67e7bca20c84ab9e8f6976b9a3b6e5c188
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 360e7b43e5611d92851017929afd0c11
c7818cbf6e609a5db3f11f80998a237d532ec7a5
d49060e8ed16980247c6ebcb0b07ec67e7bca20c84ab9e8f6976b9a3b6e5c188
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vbl?t=74972&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=74972&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=74972&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:17 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 46c1b4cfef6d4301b3a2d8837e072a1e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1484436/tfa.js
200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1484436/tfa.js
IP
File type ASCII text, with very long lines (59668)
Hash b750c930daf37ffb0815c34e7ba480e0
df8d81a01b18d97ebeefdfe3d9dbae7fe14a0b85
5bd9e7a3139d4708ce64af85b33ed4b396b32caeeadf44a7a68baaa76bce8721
GET /libtrc/unip/1484436/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I7gZaPGTBzEx8sjSAq3GunH6V3ol8vpxowxJXQjHVbB1s+vslhXbE5McjJ0wU9Rn080RWD4BTiE=
x-amz-request-id: 8MPBNFZ7KV25YTDX
x-amz-replication-status: COMPLETED
last-modified: Sun, 29 Jan 2023 11:11:22 GMT
etag: "9f5dd2fe47c5c7b4082b80f16836dd92"
x-amz-version-id: VaNxfB2sVBZzDIAZV7foGcwKM6lYKJ4L
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:54:18 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675090458.715465,VS0,VE314
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 12
content-length: 18356
X-Firefox-Spdy: h2
app.monetizze.com.br/r/ASX7208468/?u=BL38404&undefined
301 Moved Permanently 0 B URL HTTP/1.1 app.monetizze.com.br/r/ASX7208468/?u=BL38404&undefined
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/ASX7208468/?u=BL38404&undefined HTTP/1.1
Host: app.monetizze.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 0
Server: Apache
Location: https://thoraviril.blogspot.com/2020/04/thv-whitepage.html?mcr=ASX7208468
Access-Control-Allow-Origin: *
Expires: Mon, 30 Jan 2023 14:54:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 30 Jan 2023 14:54:18 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=eh22f7rcljgdjr773e58ljrj27; path=/; HttpOnly
mon_=%7B%22D8lJt7Y%3D%22%3A%22A0G%2BCyvyg3YpGA%3D%3D%22%7D; expires=Sat, 14-Nov-2296 14:54:17 GMT; path=/; samesite=none; domain=app.monetizze.com.br; secure; httponly
_fbp=fb.1.1675090457.4691600063; expires=Sun, 30-Apr-2023 14:54:17 GMT; path=/; domain=app.monetizze.com.br; httponly
msc_last=eyJjb29raWUiOiJBMEcrQ3l2eWczWXBHQT09IiwiZGF0YV90aW1lc3RhbXAiOiJCbVZXOFMzd2Nmd3FBR1pySWc9PSIsImFmaWxpYWRvIjoiQm1GdEg5ZnMifQ%3D%3D; expires=Tue, 30-Jan-2024 14:54:17 GMT; path=/; domain=app.monetizze.com.br; httponly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 3dbaf700d6d0b4891445e539ed057a35
d089027bd0e60162dfdfba20fc86e16c425ff82c
491a07bc635925d5d3b0c5c190bb13b8f4efa4ae60b9982584fe06650ff7c86d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 12:09:39 GMT
ETag: "d089027bd0e60162dfdfba20fc86e16c425ff82c"
Last-Modified: Mon, 30 Jan 2023 12:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1759
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791b0ac2d8dc1bfe-OSL
s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=422403242070126000&lib=kwaiq
200 OK 49 kB URL HTTP/1.1 s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=422403242070126000&lib=kwaiq
IP
File type Unicode text, UTF-8 text, with very long lines (64894)
Hash 85f7bfa61174ec17f87d85cdcfd115f2
71a7d3cb966d0800ca5ac0916b90c73a2f06c9ea
78215cc7c06bd1a20cbbe6ada7a279b19ef13ceaf2509f4367e03d3c033edf40
GET /kos/s101/nlav11187/pixel/events.js?sdkid=422403242070126000&lib=kwaiq HTTP/1.1
Host: s1.kwai.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 05 Jan 2023 10:50:28 GMT
Content-Encoding: gzip
Etag: "08a9aa724c73ceffccb45637b9b7b2c2"
Content-Type: application/javascript
Date: Thu, 26 Jan 2023 13:52:09 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 12670142515171396409
x-cos-request-id: NjNkMjg1ODlfYzkzNjEzMGJfMTA1YTdfYzE2MmI0Zg==
Content-Length: 48594
Accept-Ranges: bytes
X-NWS-LOG-UUID: 1244626855882434995
Connection: keep-alive
X-Cache-Lookup: Cache Hit
x-ks-client-ip: 91.90.42.154
X-Ks-Request-ID: 1244626855882434995
X-Ks-Cache: Hit from 211.152.137.18
kwaisign: NULL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: max-age=2592000
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://portalsaude.meiahora.info
date: Mon, 30 Jan 2023 14:54:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15398
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:54:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15398
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:54:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15398
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:54:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15398
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:54:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 76702
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 60891
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 61186
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 61376
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 60321
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 59661
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thoraviril.blogspot.com/2020/04/thv-whitepage.html?mcr=ASX7208468
404 Not Found 14 kB URL HTTP/2 thoraviril.blogspot.com/2020/04/thv-whitepage.html?mcr=ASX7208468
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5457)
Hash bdd843382c571df339ce2956a75f92ec
54c0a6073ec2632ba15aefa5d257d0730ebc297d
f1bd2882f592db2ec9d4c6d44565aaebab8b517be68c83f1d2c67ee6bf274c09
GET /2020/04/thv-whitepage.html?mcr=ASX7208468 HTTP/1.1
Host: thoraviril.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 14:54:18 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14053
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thoraviril.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/2 thoraviril.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: thoraviril.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/2020/04/thv-whitepage.html?mcr=ASX7208468
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 30 Jan 2023 14:54:18 GMT
expires: Mon, 06 Feb 2023 14:54:18 GMT
cache-control: public, max-age=604800
last-modified: Mon, 30 Jan 2023 13:52:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 470de4612d31b30eeacd5f951b57150e
e24ac17956be8495496e4d18284baf6068920458
52e1d2a12624e5ac49945a4475785611bf7fc253d0a29700f617997ee7cc983c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 12:46:28 GMT
ETag: "dce20cdb987acab7b86b300cda10e58867f42ddb"
Last-Modified: Mon, 30 Jan 2023 12:46:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1509
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791b0ac84e6b1bfe-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/blogblog/data/res/32544230-strm_compiled.js
200 OK 47 kB URL HTTP/2 resources.blogblog.com/blogblog/data/res/32544230-strm_compiled.js
IP
File type ASCII text, with very long lines (1904)
Hash 1b56f7c3c1392d0b2db7aad431c01ead
b88f200b0932e04c2ab93a53c95568d41a1ae16b
9e588fb982cbdbbf6edd36ee876fe916291918c2c397e210100b5c69b6ad7251
GET /blogblog/data/res/32544230-strm_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46825
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 03:02:11 GMT
expires: Fri, 03 Feb 2023 03:02:11 GMT
cache-control: public, max-age=604800
last-modified: Fri, 27 Jan 2023 02:51:33 GMT
content-type: text/javascript
age: 301927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1253685842-widgets.js
200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1253685842-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash b329ea3a8875a3cb1fff0b03b148b3f5
97cb465dc452e56a75e6e2caf453aba800719305
71572f07e491477cf2d6925d94658fbd5f054172291071f8675f6a4aec6dcc09
GET /static/v1/widgets/1253685842-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 01:57:07 GMT
expires: Tue, 30 Jan 2024 01:57:07 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 27 Jan 2023 00:03:44 GMT
content-type: text/javascript
age: 46631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 14:54:19 GMT
expires: Mon, 30 Jan 2023 14:54:19 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109
IP
File type ASCII text, with very long lines (4879)
Hash 12d529cc59e53c2e09f1d9fa3dc3da77
de771ae2eff52036848bc31d2c8679146799bba8
226d1b29f2343bd28d0036e38e8dd1bc991c6f809c978d3f4b946bfba5b97859
GET /pagead/js/adsbygoogle.js?client=ca-pub-5975042370483709&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thoraviril.blogspot.com
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 30 Jan 2023 14:54:19 GMT
expires: Mon, 30 Jan 2023 14:54:19 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8663611279290079951
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=thoraviril.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=thoraviril.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thoraviril.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 14:54:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=thoraviril.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=thoraviril.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thoraviril.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 14:54:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6790797b1383d154dd96b9c7d96431d0
c10a4246e678333b636a3e7f8db4ddc4a9ad0efe
41d0d96842fc087c2f14bafc019b489a4ae9b6a05b2d626dcc12304f929978c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 30 Jan 2023 14:54:19 GMT
expires: Mon, 30 Jan 2023 14:54:19 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thoraviril.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 324649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=4012
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=74972&bid=undefined&aid=undefined&tp=4012
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=74972&bid=undefined&aid=undefined&tp=4012 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:19 GMT
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1a8304b08aa7a91a3e84a4e0b26c839a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 68119bfa9b1671a795d9b6918ea5f3a5
dce20cdb987acab7b86b300cda10e58867f42ddb
b16abf23c2d90538dc8150722620b987f940a865e349da61eb359f7c208486ff
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 12:46:28 GMT
ETag: "dce20cdb987acab7b86b300cda10e58867f42ddb"
Last-Modified: Mon, 30 Jan 2023 12:46:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1511
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791b0acf0e591bfe-OSL
trc.taboola.com/1484436/log/3/unip?en=view_content&tim=1675090470537&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2010&ssd=1&scd=0
204 No Content 0 B URL HTTP/2 trc.taboola.com/1484436/log/3/unip?en=view_content&tim=1675090470537&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2010&ssd=1&scd=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484436/log/3/unip?en=view_content&tim=1675090470537&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2010&ssd=1&scd=0 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:54:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675090460.078675,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2
trc-events.taboola.com/1484436/log/3/unip?en=pre_d_eng_tb&tos=2012&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484436/log/3/unip?en=pre_d_eng_tb&tos=2012&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484436/log/3/unip?en=pre_d_eng_tb&tos=2012&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=to&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:20 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1484437/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484437/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484437/log/3/unip?en=pre_d_eng_tb&tos=2512&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=1500&msa=63&rv=1&tim=1675090472094&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:20 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc.taboola.com/1484437/log/3/unip?en=view_content&tim=1675090470538&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2511&ssd=1&scd=0
204 No Content 0 B URL HTTP/2 trc.taboola.com/1484437/log/3/unip?en=view_content&tim=1675090470538&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2511&ssd=1&scd=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484437/log/3/unip?en=view_content&tim=1675090470538&mrir=dt&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tos=2511&ssd=1&scd=0 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:54:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675090461.577735,VS0,VE94
x-vcl-time-ms: 94
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/10931630075/?random=1675090470004&cv=11&fst=1675090470004&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=0-z3CIfXisYDEPvfzdwo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/10931630075/?random=1675090470004&cv=11&fst=1675090470004&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=0-z3CIfXisYDEPvfzdwo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10931630075/?random=1675090470004&cv=11&fst=1675090470004&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=0-z3CIfXisYDEPvfzdwo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/10953287591/?random=1675090470007&cv=11&fst=1675090470007&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=TEK-CMfDpd4DEKfP9-Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/10953287591/?random=1675090470007&cv=11&fst=1675090470007&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=TEK-CMfDpd4DEKfP9-Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10953287591/?random=1675090470007&cv=11&fst=1675090470007&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=TEK-CMfDpd4DEKfP9-Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1&z=764173243
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1&z=764173243
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLQS4HHPSE&cid=1893290338.1675090470>m=2oe1p0&aip=1&z=764173243 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/11033636244/?random=1675090470009&cv=11&fst=1675090470009&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=Zhg5CJ3114MYEJTbn40p&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/11033636244/?random=1675090470009&cv=11&fst=1675090470009&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=Zhg5CJ3114MYEJTbn40p&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/11033636244/?random=1675090470009&cv=11&fst=1675090470009&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=Zhg5CJ3114MYEJTbn40p&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/811775827/?random=1675090469998&cv=11&fst=1675090469998&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=HWYGCNaChNoCENPuioMD&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/611304047/?random=1675090469996&cv=11&fst=1675087200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=1673147515&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/611304047/?random=1675090469996&cv=11&fst=1675087200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=1673147515&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/611304047/?random=1675090469996&cv=11&fst=1675087200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&fmt=3&is_vtc=1&random=1673147515&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/10870238034/?random=1675090469999&cv=11&fst=1675090469999&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=pN3VCJa_7bkDENLWqr8o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/10870238034/?random=1675090469999&cv=11&fst=1675090469999&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=pN3VCJa_7bkDENLWqr8o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10870238034/?random=1675090469999&cv=11&fst=1675090469999&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=pN3VCJa_7bkDENLWqr8o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10833618787/?random=1675090469956&cv=11&fst=1675090469956&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=r4P_CJqVv7kDEOPO760o&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/611304047/?random=1675090469990&cv=11&fst=1675090469990&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&label=xlvGCI2knNgBEO-Ev6MC&hn=www.google.com&frm=0&url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&tiba=pop5%20%E2%80%93%20Portal%20Sa%C3%BAde&value=0&bttype=purchase&auid=1827149727.1675090470&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portalsaude.meiahora.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 8fbe9f82b335ddc45b9e5e3589a8fd6f
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=06429115002651506&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=06429115002651506&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=06429115002651506&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: b595913b84840600ad048b7bd0e7fa70
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=002992656610547384&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=002992656610547384&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=002992656610547384&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 496899c5a7e0719b04cb22fab3e00be8
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=00689531151954037&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=00689531151954037&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=00689531151954037&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 98eef04a05e8de7be5c4276373601a6a
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=08193438687432771&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=08193438687432771&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=08193438687432771&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 07d42e4f03f9d33f23af8bcb6d19205f
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=0533269515395861&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=0533269515395861&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=RAZAview&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=0533269515395861&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 4c3ffec7f9ae2d1e492892db482e39f3
trc-events.taboola.com/1484436/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=3000&msa=63&rv=1&tim=1675090475096&mrir=tto&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1484436/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=3000&msa=63&rv=1&tim=1675090475096&mrir=tto&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1484436/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1675090470524&ver=36&isls=true&src=i&invt=3000&msa=63&rv=1&tim=1675090475096&mrir=tto&vi=1675090470518&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 14:54:22 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc.taboola.com/1484436/trc/3/json?tim=1675090470534&data=%7B%22id%22%3A128%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470532%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1484436/trc/3/json?tim=1675090470534&data=%7B%22id%22%3A128%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470532%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
File type Unicode text, UTF-8 text, with very long lines (2453), with no line terminators
Hash 36f3ac6bfc14c287bac5b6937e315a34
b4f37834d0930e9ab759cd6331c371e32186d67e
22b0338f28c0d949c338f0ff6ec3c4694eff50bc0a6ddf1bae00bd89e60e00e2
GET /1484436/trc/3/json?tim=1675090470534&data=%7B%22id%22%3A128%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470532%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:54:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675090462.186748,VS0,VE127
vary: Accept-Encoding
x-vcl-time-ms: 127
X-Firefox-Spdy: h2
api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=422403242070126000
200 OK 507 B URL HTTP/2 api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=422403242070126000
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
Hash c7325f3110a04a725f2323051b79cb21
26058604ba72b63c3a72323e47f236902c85393d
a5293ccb9204847eab913da46892aaedc165fc308001759e55490af5f0577110
GET /rest/n/adintl/ad/getPixelConfig?pixelId=422403242070126000 HTTP/1.1
Host: api.mythad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:54:19 GMT
content-type: application/json;charset=UTF-8
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q039=":443"; ma=2592000, quic=":443"; ma=2592000; v="39,43,46"
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
x-kslogid: 675090459385638046
content-encoding: gzip
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=09904435155402345&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=09904435155402345&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=09904435155402345&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 337ad8f76e03046bd2fb3381d1d1833f
tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=049881419655316006&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=049881419655316006&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=005a6877bd382b3259b210f9305a9a8837,007896baf68284db2c07313fa4623a3dcf,00c931c54961e1e53c37edede49924ae9b,004e60858d8e46d2e44d827765b0520e58,00cb5f338007aae63073baf2ebf27a2193,00fad06bbb0bf0bedfb8a418e69a19c147,00a2dd34dcd2311bab043780ff59239261,00ed305355787233b5e3f660c8a510814e,00d9b924662117a9105a6b15df92988c44&obApiVersion=1.1&obtpVersion=2.0.5&name=duroVIEW&dl=https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F&optOut=false&bust=049881419655316006&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:54:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: c9a4cdc5a354dd57e93e7fd4069388e7
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=AED8555F162B4A2AA91F50282C22F81D&RedC=c.clarity.ms&MXFR=218EF7362E0D6372094CE59F2A0D6DD1
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=218EF7362E0D6372094CE59F2A0D6DD1; domain=.clarity.ms; expires=Sat, 24-Feb-2024 14:54:24 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 30 Jan 2023 14:54:24 GMT
content-length: 0
X-Firefox-Spdy: h2
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 14969
Origin: https://portalsaude.meiahora.info
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://portalsaude.meiahora.info
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 14:54:24 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/9rf6379oo9
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/9rf6379oo9
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/9rf6379oo9 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=365fad49662c4b8e8dd18a9be34ec4f2.20230130.20240130; expires=Tue, 30 Jan 2024 14:54:22 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0HtrXYwAAAADhF0VJsCu0R7kl0tQTzGoyQ1BIMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 30 Jan 2023 14:54:21 GMT
X-Firefox-Spdy: h2
portalsaude.meiahora.info/raza/prop/prosseguir/
200 OK 0 B URL HTTP/2 portalsaude.meiahora.info/raza/prop/prosseguir/
IP
GET /raza/prop/prosseguir/ HTTP/1.1
Host: portalsaude.meiahora.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:54:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 14:54:06 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tat1WKFXeQy0R3%2BikZBG%2FlngNa%2FXjADu9Vq3J05Pfqm7bcTdNi8alwPf1Tv7wIiF7FGhxMfsDsE0cfgUVXkImTWuksCkQJUzw9uJnGt02S6TGguowtzk4ghw8a5trgDUVNqIME4PtPgxTEmJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791b0ab8085a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mukta:300,600,200&subset=latin
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Mukta:300,600,200&subset=latin
IP
GET /css?family=Mukta:300,600,200&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 14:54:16 GMT
date: Mon, 30 Jan 2023 14:54:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.clarity.ms/eus/s/0.7.1/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d933d16af8439e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0b8rXYwAAAACXKaxCtf+qTpdydoK8z4WCRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0INrXYwAAAABXSj2zv9H6SIYuPSMYLbAYQ1BIMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 30 Jan 2023 14:54:23 GMT
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=74972
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=74972
IP
GET /fv.js?t=74972 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 14:54:17 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5c158ca32f7b9cbdf44458ae7655edaa
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/1484437/trc/3/json?tim=1675090472541&data=%7B%22id%22%3A630%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470538%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 0 B URL HTTP/2 trc.taboola.com/1484437/trc/3/json?tim=1675090472541&data=%7B%22id%22%3A630%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470538%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
GET /1484437/trc/3/json?tim=1675090472541&data=%7B%22id%22%3A630%2C%22ii%22%3A%22%2Fpop5%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675090470518%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fpop5%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnewlifepro-br-razaganv12conta2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675090470538%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportalsaude.meiahora.info%2Fraza%2Fprop%2Fprosseguir%2F%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portalsaude.meiahora.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:54:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675090462.186737,VS0,VE115
vary: Accept-Encoding
x-vcl-time-ms: 115
X-Firefox-Spdy: h2
104.21.7.31
34.160.144.191
141.226.228.48
139.45.197.240
23.36.76.226
43.134.151.146
188.114.97.1