portalonbr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ualbroficial.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmJlbmVmaWNpb3Mtc29jaWFpcy...
Effective URL:
https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email...
Submission: On May 19 via api (May 19th 2023, 5:20:21 pm UTC) from BR — Scanned from DE

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalonbr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 25th 2022. Valid for: a year.

This is the only time portalonbr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.225.226.55 34.225.226.55	14618 (AMAZON-AES) (AMAZON-AES)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
37	12

1 34.225.226.55 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-226-55.compute-1.amazonaws.com

ualbroficial.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

portalonbr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	portalonbr.com portalonbr.com	313 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	449 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 109 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856	208 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	151 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2230	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	83 KB
1	acemlna.com 1 redirects ualbroficial.lt.acemlna.com	333 B
37	9

	Domain	Requested by
17	portalonbr.com	portalonbr.com
5	fonts.gstatic.com	fonts.googleapis.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	portalonbr.com securepubads.g.doubleclick.net
2	apis.google.com	portalonbr.com apis.google.com
1	lh3.googleusercontent.com
1	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.google.com	portalonbr.com
1	www.googletagmanager.com	portalonbr.com
1	ualbroficial.lt.acemlna.com	1 redirects
37	12

This site contains links to these domains. Also see Links.

Domain
eitabr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
Frame ID: 5693A8F1B000F36086B13AB234C5E065
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FGTS | Consulta Do Saldo Disponível

Page URL History Show full URLs

https://ualbroficial.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmJlbm... HTTP 302
https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampa... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

37
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

1213 kB
Transfer

3274 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://eitabr.com/?utm_source=ActiveCampaign&utm_medium=email&utm_term=null&utm_campaign=Fgts
Title: VER MAIS INFORMAÇÕES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ualbroficial.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmJlbmVmaWNpb3Mtc29jaWFpcyUyRmZndHMtY29uc3VsdGEtZG8tc2FsZG8tZGlzcG9uaXZlbCUyRiUzRnV0bV9zb3VyY2UlM0RBY3RpdmVDYW1wYWlnbiUyNnV0bV9tZWRpdW0lM0RlbWFpbCUyNnV0bV9jb250ZW50JTNERkdUUyUyQkRpc3BvbiUyNUMzJTI1QUR2ZWwlMkJQYXJhJTJCU2FxdWUlMjUyQyUyQiUyQkZVTExOQU1FJTI2dXRtX2NhbXBhaWduJTNERmd0cw==&sig=EA926FoXbV65vxBRoUbXeuUiz6f7SW4JSz9GdBagbQy9&iat=1684451149&a=%7C%7C800730521%7C%7C&account=ualbroficial%2Eactivehosted%2Ecom&email=SBye14FwAHGF%2F3om%2BTBEK8axUsQnYctJdm5QojBVKqh2Cfaw%3AVx7UUR2%2BfKjZEx9hkKR0Bklyx%2FXZLw3T&s=e033ae177765c9832e7f94e2b85f32e4&i=945A981A11A3052 HTTP 302
https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/
Redirect Chain

https://ualbroficial.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmJlbmVmaWNpb3Mtc29jaWFpcyUyRmZndHMtY29uc3VsdGEtZG8tc2FsZG8tZGlzcG9uaXZlbCUyRiUzRnV0bV9zb3V...
https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts

73 KB
16 KB

318ms
243ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99b0dc1269f47c03b0e0b1451a69b01b8844deca551502b90274d73fad1a90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c9e026fa9375c1a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 17:20:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://portalonbr.com/wp-json/>; rel="https://api.w.org/" <https://portalonbr.com/wp-json/wp/v2/posts/4740>; rel="alternate"; type="application/json" <https://portalonbr.com/?p=4740>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
protected: by MS23041901
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUOxfrZ9r5nk90I%2FZjGgj0K0ruhyUhFihWr9n5EcDLA7Hfd%2B78vvEWR6%2B8GHOApezQxzR14S%2BFQRSD9eGM6xWlFbFb4xBKP1DBuZ6x0MXSkNBgV0wTRZE7gN%2BPcXy%2FTXcJfNIVHUn3O2yoAPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-micro-cache: EXPIRED
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/json
date: Fri, 19 May 2023 17:20:15 GMT
location: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
x-amz-apigw-id: FLhoZENCoAMFmCQ=
x-amzn-requestid: 48851107-ac64-431c-977d-0fd2aa0f3071
x-amzn-trace-id: Root=1-6467afcf-523ac908120b7d86308f4d8a;Sampled=0;lineage=12ce62b2:0

GET
H2 200 style.min.css
portalonbr.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 58ms
56ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.9

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 08:23:42 GMT
server: cloudflare
etag: W/"6077f80e-e33b"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDV919nNxGOZjKu6XFl5wmwoFJgvcPJw%2FQCPmZOw7MgyZ6e6OPyG3xZAQj8VsYHkyPuyvEEgyHckmGnUUp%2Bzxot%2Fo%2BAkjGZId6TqosFqtw8WOEvSQD2H6AzO9TJznvlO8Jgq3C2E9KDDmtFrGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e0272bd2c5c1a-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 nav-leads.css
portalonbr.com/wp-content/plugins/Leads-Nave-1-6/ 1 KB
739 B 76ms
74ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/plugins/Leads-Nave-1-6/nav-leads.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5145549c5d2f8ce343dc7e0b3fe54fcb5608beebbe13542e9e8c0d299f639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Feb 2023 13:20:05 GMT
server: cloudflare
etag: W/"63f76805-446"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9i0FOMU8tc%2B4VFSn%2BZ%2FHM2MGYO%2BpmscsA9qgYIo3QAV3ld3bT1EXIWkisbYGCDesS%2BLEuOT5JM%2BwXqDUfLtS4Gf7dN7t3AWgP2zQSuxHJRpV78wLyyXGVcWWoxav1PRfMR2eCZtoOOSMkHbUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e0272bd2e5c1a-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET bootstrap.min.css
portalonbr.com/wp-content/themes/Portalonbr/css/ 0
0

GET
H2 200 style.css
portalonbr.com/wp-content/themes/Portalonbr/ 37 KB
8 KB 60ms
59ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1684516815

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a6ca5e7abeae43d0e5f8f16875a6981ffd187218bf3a5c265b1d222b0437b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Jun 2022 15:24:36 GMT
server: cloudflare
etag: W/"62a4b3b4-9396"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi%2FrpsoCd02HV32wh36V1e%2FiiJqAwIva3jDQU%2FH6U3FPR%2F7hAlS6UE6Qat%2BMfUu3kiGBlGFEJNxuf9h%2B9MDd%2F5BzendMSd%2FmuJx3cMk8R%2BQJclAKobURI7InnQseElsXo%2FAHrovNL3yWcr1ZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e0272bd335c1a-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 jquery.min.js Show response
portalonbr.com/wp-includes/js/jquery/ 87 KB
32 KB 78ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 19:37:36 GMT
server: cloudflare
etag: W/"5ff61180-15d98"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKk3J6ujtGfIB4bB8gAvMj06YCgu5h8oITV06JeMMWSHgIuQ%2F5FO%2BjCC3sXVUW93izcbx2BSpaM98WmOB%2Fc75Bj6I0pKtH4h0qaad%2BOF3S3FePQ78WOTOtWHWLmYFYfixoyvdfdq9oCB3NCUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e0272bd365c1a-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
portalonbr.com/wp-includes/js/jquery/ 11 KB
5 KB 76ms
75ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 19:37:36 GMT
server: cloudflare
etag: W/"5ff61180-2bd8"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjBvd9kYBCO8Y3TCQIZWW4K2c3gZ%2BVVz8bA977WaekoF7EWgmuhtsMfrrsZlFK5fWdQwH7%2BukQVp8S4%2BC3%2B%2BDzUZ%2B%2FGEGC2ABqZIDLIeGaXvQazn2HJraAPyMerbncsUT8UC4w38bTQ1oRjoSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e0272bd375c1a-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 148ms
93ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7c751f51a15f23b3aa3a7aabf149577879d9afd39fcd66aa8ac431de8b2f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25314
x-xss-protection: 0
server: cafe
etag: 951 / 19496 / m202305150101 / config-hash: 2322937279703466010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 17:20:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 105ms
50ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HKK31FJZ2L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7579e0d7c5494392f9ac3ef54acccc88052f334db70a9803fca29db88424b27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 17:20:15 GMT

GET
H3 200 logo2top.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 70 KB
71 KB 122ms
120ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/logo2top.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adebd190254b82d034e05a5fde9dc2088bf7388a15cd9a0e31c79ac143202810

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71673
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-117f9"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWn4BVUM9Lm8sWYTEsEVsmByury5PhKvT%2B1lc3qgkIf3nT5P0gH6U3rEvKrVb3NxSkcnXnteF0oJGCEpkW6nOiQH4UhCgmtiutIgQFyqj9cpg%2BjVHcRMkOSVWBOqGOrDE5czqVoGAweaSbGGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c9e027359d435fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 portal2.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 10 KB
10 KB 60ms
58ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/portal2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ff92a392f79b4d79b60045b99d6f795c7ab3a48053dd8ed549445925a45d71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9741
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-260d"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqB8gU1b5N2w%2F32r4p77plkh7uZnXJxISRqyIpCjz8JpxsGikfsCVnDsiWt6W0cpJkLIFg1wGP%2FTeIuC5L%2B3xSYuSRioFM6NNG4DRKhbW9IDwM1fg4pwkl%2Fh6U4fkfMU4vhAxMAfM7FQRMqqkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c9e027359d535fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 83ms
29ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c92ee564692460e872baf37f008c73ac13456a1bc2032814dac88e2e6f410f28

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 17:20:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21031
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7b64775e1e42ef2b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 17:20:15 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
878 B 87ms
32ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe7971f2b273fa6ab7c2040f3b2d64a82cdd59400f71f4c1e2ca91295424dcb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 17:20:15 GMT

GET
H3 200 jquery.email-autocomplete.js Show response
portalonbr.com/wp-content/plugins/nav-publicidade-1/js/ 6 KB
3 KB 50ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/plugins/nav-publicidade-1/js/jquery.email-autocomplete.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a137efbb55bc3ca60940fc859d41710107d05503a4f42237992089299a93b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Feb 2023 13:19:41 GMT
server: cloudflare
etag: W/"63f767ed-169e"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edFtvB0%2FAY97iZ0FWjIu2bFEvAVGQc7NGWURXm07ZWrIpFHmReGJ38DroMty2jP1CI%2FI2r%2BndHO5v2b4z5rL0L8Dr%2Fi1s1NUrRozcPjE8uMMumWZ0bkMcrSTtG%2BE2HWLR%2FWRxYY3OI7aA1p73A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e027349ac35fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 publicidade-funcoes.js Show response
portalonbr.com/wp-content/plugins/nav-publicidade-1/js/ 91 B
719 B 55ms
52ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/plugins/nav-publicidade-1/js/publicidade-funcoes.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e62513ea326e7668829fc20016020add93dad689094fdb0ff8cf3a2fc081dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Feb 2023 13:19:41 GMT
server: cloudflare
etag: W/"63f767ed-5b"
protected: by MS23041901
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU4RljZD5xTG9PGw4wN57%2BxmZKaIrjJCB2Cit5%2Fn4vfsQXXgLLwYrKQ%2FN6ZHWR5OyeGE7kt22gWVc7LF5nHRPvINT1ONRSgH28k91gIIuzC2MH5ConL9X6BWLhnEuLfYvkR3EH54K1%2FSt9M4gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 7c9e027359cc35fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 flickity.js Show response
portalonbr.com/wp-content/themes/Portalonbr/js/ 54 KB
15 KB 121ms
118ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/js/flickity.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c126bc13a8986f1a9ac0cfd1cd67280a5ae0eca52d4519fe702b7cf85c76a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: W/"61fd46b8-d7cb"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRLbrssWQ5wyzlMhq%2FRSgd7lRdyjBxkkD%2FwxgtVMLtkB8ItLZmJ4IgHN%2F%2FuLwXpN54XjX4R%2Fc9jG76TXQ9mfx5s7ZWPGJPuYuVSE8XH9afQyKIwGlpe%2BBLbXKPEpIXzVyx171WzSRNBVpazliw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e027359cf35fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 funcoes.js Show response
portalonbr.com/wp-content/themes/Portalonbr/js/ 926 B
1 KB 79ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/js/funcoes.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d393fee4858d73610ef9ac7d9b9788f75147371523b18dc66ed92e62e1cf4e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: W/"61fd46b8-39e"
protected: by MS23041901
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOfTS5bX82qW259JVBk7x8%2FxylevQI2RwIHDWSVp5c3OTfUobsNEYxKNJAUB%2FBKAe2qpd8H9QrzVYJwrwKvdIAhz9Qo0Zfsrn9qbz0dDZMtZtAq2wC8XlGQcpDNDlJps1JSXDppKCFboTid7XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 7c9e027359d135fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 wp-embed.min.js Show response
portalonbr.com/wp-includes/js/ 1 KB
1 KB 122ms
119ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/wp-embed.min.js?ver=5.7.9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 May 2023 19:10:11 GMT
server: cloudflare
etag: W/"6463d513-5c6"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA1gJVy0ObqZk5IZFsvYNR0SBaITK65atHFRYTndJ2GC9ZZS%2BMowayZ2eLzGwyE6cW2mi6iu72gLIFhxs69RiTWpbqDkhXbdV2mw6wxX4qt8VA2zOXZyyXrJJmZecHyCHZPEjVbCWxY%2FC5JO4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e027359d235fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 wp-emoji-release.min.js Show response
portalonbr.com/wp-includes/js/ 14 KB
5 KB 70ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Feb 2021 07:21:35 GMT
server: cloudflare
etag: W/"601ba07f-3795"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fzd88w%2FFAs8S7td48LloZe%2B89E0hYjxzl48j9nS6XFSu3O0uv9Os7CqPSriTYv8uUCQvUIc%2FuYzkHRFtkfdSduh21Tu5qupteciQ3HwDIMpjBL1xUK3jUZchEdAc3dh1Kq8q7RD1G3BvUHN9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7c9e027359d735fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 search.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 550 B
1 KB 135ms
135ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/search.png

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1684516815

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bff94fc53b0367730ae0231d3ac6897ca493f98652f95613d5a2ee94d71eadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1684516815
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 550
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-226"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BhaJa4yf1wRo4C7DQYABC%2BTAzhXN8Icgi6OxCaLNUeI8SUfNKE8q9ehhGyzxSE%2BQPKwKAibkuRcz%2Bo6T9ieVnfzIryYPCp76wvM5bBuX5XNDayQCNbkXXfl4Z2WMvrdq3OHbnYWOib8HHcQmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c9e027359d935fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 topoSeparaMenu.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 184 B
814 B 136ms
136ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/topoSeparaMenu.png

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1684516815

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a760bb7f2b48d3f293dcb65b77aa6404ca9c381bb581c0fe393282316fc336

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1684516815
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-b8"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8FcK6YWi%2FZjKlktwsfQFQS1k766U7P63H%2Bu2rGvSHpZyIQUcNagsNMGgFTK4KPwQHWANOSHXQZP7LmY4ajBHfBgfoSyz%2F7IggrBRgw0qGe3cpff%2FnlLH%2B3FjJiOUXzDY3wgzYqXNxWBfQGb1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c9e027359da35fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H3 200 post-em-video-sobre-contato-no-zap-e-suporte-online-500x500.png
portalonbr.com/wp-content/uploads/ 134 KB
135 KB 68ms
67ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/post-em-video-sobre-contato-no-zap-e-suporte-online-500x500.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c704421b6dd2a655106012f65652e40f1a234222137e27b03013f6715e66b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:15 GMT
strict-transport-security: max-age=15768000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 137187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Mar 2023 12:59:22 GMT
server: cloudflare
etag: "6414642a-217e3"
x-download-options: noopen
vary: Accept-Encoding
protected: by MS23041901
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpNDTc1%2FEbWTQTocOy8X7bpd5kg0Ve2ME1j%2FSTPFgN%2BkothFFEiIZskT0JQLtACUjBw2oY0p%2Bjk2UIkoa5o0ocYLi3VKBTCES5I5JTiVtsKYfk6y8SYDiVh3FuaEzEiyyHZQYCKoghVkyYZPLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c9e027379f335fd-FRA
expires: Sat, 18 May 2024 17:20:15 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 411 KB
165 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalonbr.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168410
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 May 2024 17:07:30 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 116 KB
40 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8d667b706cda220bb8cfaf9195b273ad86e71fd8ce10e9b32d9ba625f14d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40092
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 21:14:07 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 73ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HKK31FJZ2L&gtm=45je35h0&_p=202161921&cid=1149705094.1684516816&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684516816&sct=1&seg=0&dl=https%3A%2F%2Fportalonbr.com%2Fbeneficios-sociais%2Ffgts-consulta-do-saldo-disponivel%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DFGTS%2BDispon%25C3%25ADvel%2BPara%2BSaque%252C%2B%2BFULLNAME%26utm_campaign%3DFgts&dt=FGTS%20%7C%20Consulta%20Do%20Saldo%20Dispon%C3%ADvel&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HKK31FJZ2L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 17:20:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalonbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 408 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24237
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128722
x-xss-protection: 0
server: cafe
etag: 7615930951174331818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 18 May 2024 10:36:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 162 B
123 B 97ms
56ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portalonbr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6747562d12afec18aa372db8df26dcc0ed4ddee64ab6bef98bbbfc5e45fbaad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
expires: Fri, 19 May 2023 17:20:16 GMT

GET
H2 200 22379248166 Show response
fundingchoicesmessages.google.com/i/ 132 KB
45 KB 102ms
53ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22379248166?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b157eaaa24894d9884bdb27ddca537d5a3c9db168c8a5ffc9c34c2a96c911eef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y4H4JLRwJuyZYyzPB1gsuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y4H4JLRwJuyZYyzPB1gsuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXLHFWkioPKGfremrMtf-DnjMXXN9ywKHbltV-IxBOTCodUbBhTrOe2P-d2iJTEa0X_2MexidAtM__-UyPQC4Q= Show response
fundingchoicesmessages.google.com/f/ 929 KB
101 KB 201ms
200ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLHFWkioPKGfremrMtf-DnjMXXN9ywKHbltV-IxBOTCodUbBhTrOe2P-d2iJTEa0X_2MexidAtM__-UyPQC4Q=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTE2ODE2LDM1MzAwMDAwMF0sIjMyRjRBMjlELTcxQ0ItNEFDNS05QkIzLUU2ODBDMzAzODdENyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcG9ydGFsb25ici5jb20vYmVuZWZpY2lvcy1zb2NpYWlzL2ZndHMtY29uc3VsdGEtZG8tc2FsZG8tZGlzcG9uaXZlbC8iLG51bGwsW1s4LCJKZkE3LWlmVFlTbyJdLFs5LCJkZSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.JfA7-ifTYSo.es5.O/d=1/rs=AJlcJMzwaGYaKxlIN36FvEZUbCxN0Iyjkg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7adf4799d669498cba7edeed4c7784d80c134bb4b7f7f91f5ad91400ead636f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gYvoLUPDNJcey5g6a3VaSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gYvoLUPDNJcey5g6a3VaSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 63 KB
4 KB 184ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.JfA7-ifTYSo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzwaGYaKxlIN36FvEZUbCxN0Iyjkg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b859ee6d93b127bfcd615c11bb14f6968f9bcbfd635dbcf5bdfcc34c71e1e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 17:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 17:20:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 17:20:16 GMT

GET
H2 200 luSgtyaPt_6tYShmGEvhMcOWEM60NNxVFbZOmmmnfmZtfwG4PHg34BNvP_33cM-mIRcdZbHf0CU5W1S15s2bQfROTd74tGZ1Rf9fU-Ek9AOJYqPnTl1c=h60
lh3.googleusercontent.com/ 5 KB
6 KB 414ms
280ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/luSgtyaPt_6tYShmGEvhMcOWEM60NNxVFbZOmmmnfmZtfwG4PHg34BNvP_33cM-mIRcdZbHf0CU5W1S15s2bQfROTd74tGZ1Rf9fU-Ek9AOJYqPnTl1c=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

398b827e66fb2b8cd22ea7f3c204c3351b63f35a2a8621f549b8c0456783b056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:20:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5346
x-xss-protection: 0
expires: Sat, 20 May 2023 17:20:17 GMT

POST
H3 204 AGSKWxWes718loh20Zno2FT0eMoY-I7T9ko8vmACQRWA57kp3J3C0wIYxSvj0rPSDRRiyREDqp_7CAo0ZPtNG1QiIy5C-N3P4_K9C3EUgAkFIW71u75lWBaO6_xBE7o4VQ6W6ZRRkvOCgQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 76ms
34ms XHR
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWes718loh20Zno2FT0eMoY-I7T9ko8vmACQRWA57kp3J3C0wIYxSvj0rPSDRRiyREDqp_7CAo0ZPtNG1QiIy5C-N3P4_K9C3EUgAkFIW71u75lWBaO6_xBE7o4VQ6W6ZRRkvOCgQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HsZdVZEdSM5_EPJgPvvYSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalonbr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 May 2023 17:20:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-HsZdVZEdSM5_EPJgPvvYSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://portalonbr.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 122ms
75ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:29:28 GMT
x-content-type-options: nosniff
age: 517848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:29:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 87ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 558601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:10:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 92ms
53ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 560088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:45:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 58ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 560088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:45:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 99ms
61ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 560088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:45:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/css/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalonbr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: paq87cirpmgge835d2edaqtioc
.portalonbr.com/	1970-01-20 21:31:16	Name: _ga_HKK31FJZ2L Value: GS1.1.1684516816.1.0.1684516816.0.0.0
.portalonbr.com/	1970-01-20 21:31:16	Name: _ga Value: GA1.1.1149705094.1684516816

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://portalonbr.com/beneficios-sociais/fgts-consulta-do-saldo-disponivel/?utm_source=ActiveCampaign&utm_medium=email&utm_content=FGTS+Dispon%C3%ADvel+Para+Saque%2C++FULLNAME&utm_campaign=Fgts Message: Refused to apply style from 'https://portalonbr.com/wp-content/themes/Portalonbr/css/bootstrap.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
portalonbr.com
region1.google-analytics.com
securepubads.g.doubleclick.net
ualbroficial.lt.acemlna.com
www.google.com
www.googletagmanager.com
www.gstatic.com
portalonbr.com
2001:4860:4802:34::36
2a00:1450:4001:801::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a06:98c1:3120::3
34.225.226.55
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
1b859ee6d93b127bfcd615c11bb14f6968f9bcbfd635dbcf5bdfcc34c71e1e46
1bff94fc53b0367730ae0231d3ac6897ca493f98652f95613d5a2ee94d71eadb
1f8d667b706cda220bb8cfaf9195b273ad86e71fd8ce10e9b32d9ba625f14d23
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
398b827e66fb2b8cd22ea7f3c204c3351b63f35a2a8621f549b8c0456783b056
3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0
3e62513ea326e7668829fc20016020add93dad689094fdb0ff8cf3a2fc081dba
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6747562d12afec18aa372db8df26dcc0ed4ddee64ab6bef98bbbfc5e45fbaad4
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6c704421b6dd2a655106012f65652e40f1a234222137e27b03013f6715e66b87
7579e0d7c5494392f9ac3ef54acccc88052f334db70a9803fca29db88424b27f
7a137efbb55bc3ca60940fc859d41710107d05503a4f42237992089299a93b90
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f5145549c5d2f8ce343dc7e0b3fe54fcb5608beebbe13542e9e8c0d299f639e
7ff92a392f79b4d79b60045b99d6f795c7ab3a48053dd8ed549445925a45d71a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8c126bc13a8986f1a9ac0cfd1cd67280a5ae0eca52d4519fe702b7cf85c76a43
9a6ca5e7abeae43d0e5f8f16875a6981ffd187218bf3a5c265b1d222b0437b0e
adebd190254b82d034e05a5fde9dc2088bf7388a15cd9a0e31c79ac143202810
ae7c751f51a15f23b3aa3a7aabf149577879d9afd39fcd66aa8ac431de8b2f56
b157eaaa24894d9884bdb27ddca537d5a3c9db168c8a5ffc9c34c2a96c911eef
b99b0dc1269f47c03b0e0b1451a69b01b8844deca551502b90274d73fad1a90d
b9a760bb7f2b48d3f293dcb65b77aa6404ca9c381bb581c0fe393282316fc336
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
c92ee564692460e872baf37f008c73ac13456a1bc2032814dac88e2e6f410f28
d393fee4858d73610ef9ac7d9b9788f75147371523b18dc66ed92e62e1cf4e5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7adf4799d669498cba7edeed4c7784d80c134bb4b7f7f91f5ad91400ead636f
fe7971f2b273fa6ab7c2040f3b2d64a82cdd59400f71f4c1e2ca91295424dcb2

portalonbr.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

92 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

1213 kBTransfer

3274 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalonbr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

1213 kB
Transfer

3274 kB
Size

3
Cookies

37 HTTP transactions
0 data transactions