portalfinanca.com Open in urlscan Pro
158.69.126.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalfinanca.com/
Submission: On October 26 via api (October 26th 2024, 12:25:00 pm UTC) from JP — Scanned from CA

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 17 domains to perform 91 HTTP transactions. The main IP is 158.69.126.217, located in Montreal, Canada and belongs to OVH, FR. The main domain is portalfinanca.com.
TLS certificate: Issued by E5 on August 29th 2024. Valid for: 3 months.

This is the only time portalfinanca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	158.69.126.217 158.69.126.217	16276 (OVH) (OVH)
2	173.194.204.155 173.194.204.155	15169 (GOOGLE) (GOOGLE)
1	52.85.132.85 52.85.132.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
3	173.194.207.154 173.194.207.154	15169 (GOOGLE) (GOOGLE)
2	54.90.24.34 54.90.24.34	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:400d:c02::61	15169 (GOOGLE) (GOOGLE)
3	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	173.194.175.94 173.194.175.94	15169 (GOOGLE) (GOOGLE)
1	18.160.18.55 18.160.18.55	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:400d:c02::8b	15169 (GOOGLE) (GOOGLE)
1	209.85.201.147 209.85.201.147	15169 (GOOGLE) (GOOGLE)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	37.19.207.34 37.19.207.34	60068 (CDN77 _) (CDN77 _)
1	2607:f8b0:400... 2607:f8b0:400d:c04::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	173.194.66.94 173.194.66.94	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.85.201.155 209.85.201.155	15169 (GOOGLE) (GOOGLE)
1	173.194.204.154 173.194.204.154	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.66.157 173.194.66.157	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
1	209.85.201.103 209.85.201.103	15169 (GOOGLE) (GOOGLE)
9	173.194.205.113 173.194.205.113	15169 (GOOGLE) (GOOGLE)
91	31

32 158.69.126.217 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns522508.ip-158-69-126.net

portalfinanca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-85.iad50.r.cloudfront.net

js.publinker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.207.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.90.24.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-24-34.compute-1.amazonaws.com

ivt.publinker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c02::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-55.iad12.r.cloudfront.net

secure.lomadee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c02::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net

cdn.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.201.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f157.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

portalfinanca90.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.103 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 173.194.205.113 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f113.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	portalfinanca.com portalfinanca.com	3 MB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	75 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	183 KB
4	gstatic.com fonts.gstatic.com	81 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838	25 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9320 prism.app-us1.com — Cisco Umbrella Rank: 9406	9 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	195 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	249 KB
3	publinker.com js.publinker.com ivt.publinker.com	35 KB
2	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9615	357 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	pushalert.co cdn.pushalert.co — Cisco Umbrella Rank: 53969 portalfinanca90.pushalert.co	45 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	lomadee.com secure.lomadee.com — Cisco Umbrella Rank: 318814	292 B
91	17

	Domain	Requested by
32	portalfinanca.com	portalfinanca.com
12	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.googletagmanager.com	portalfinanca.com www.googletagmanager.com
3	pagead2.googlesyndication.com	portalfinanca.com pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	portalfinanca.com securepubads.g.doubleclick.net
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	trackcmp.net	diffuser-cdn.app-us1.com
2	www.facebook.com	portalfinanca.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	prism.app-us1.com	diffuser-cdn.app-us1.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google.com	www.googletagmanager.com ep2.adtrafficquality.google
2	ivt.publinker.com	js.publinker.com
2	fonts.googleapis.com	portalfinanca.com
1	portalfinanca90.pushalert.co	cdn.pushalert.co
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google.ca	portalfinanca.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.pushalert.co	portalfinanca.com
1	secure.lomadee.com	portalfinanca.com
1	diffuser-cdn.app-us1.com	portalfinanca.com
1	kit.fontawesome.com	portalfinanca.com
1	js.publinker.com	portalfinanca.com
91	27

This site contains no links.

Subject Issuer	Validity	Valid
portalfinanca.com E5	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
js.publinker.com Amazon RSA 2048 M03	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ivt.publinker.com Amazon RSA 2048 M03	`2024-07-11` - `2025-08-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.lomadee.com Amazon RSA 2048 M02	`2023-12-03` - `2025-01-01`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-04` - `2024-11-02`	3 months	crt.sh
*.pushalert.co Sectigo RSA Organization Validation Secure Server CA	`2024-05-08` - `2025-05-08`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.ca WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
prism.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
trackcmp.net WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://portalfinanca.com/
Frame ID: 18CD3FB54B438C09DB1B880D2074BA9C
Requests: 82 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportalfinanca.com
Frame ID: E20B6EC20446994C5FB6E9D85EB0FC6E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PS06DSM40X&gacid=1389155437.1729945494&gtm=45je4ao0v9164822823z8837658846za200zb837658846&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848&z=1117649374
Frame ID: 67F914BB999D89605F9CDBF9FDE7A0AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: 5B51D1895AF82CB30FF2CE86563A9555
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6916247838953721&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729945493&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fportalfinanca.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729945493480&bpp=3&bdt=511&idt=217&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8682628070625&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95346096%2C31087700%2C95343681%2C95344189%2C95344791%2C95345270%2C31088451%2C95344978%2C95345789&oid=2&pvsid=3005698227384341&tmod=315518990&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=463
Frame ID: E3E7C1C319FC000D54C698353F5005E3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 252EDA2514D0D4D2FAAEEA9BD132EC23
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4FEF1B7DC71103FAC67BC0A500B9938B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B88CAC3386496209E6B472CEB271986
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PortalFinança.com - Para quem busca informação

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

91
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

27
Subdomains

31
IPs

2
Countries

3664 kB
Transfer

6515 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
portalfinanca.com/ 177 KB
47 KB 181ms
30ms Document
text/html 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 / PHP/7.4.33
Resource Hash: aa21b3d14448d5bc1d833cbbd29a8a9842750cf48135821fff03f4d2e60de366

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 12:24:52 GMT
link: <https://portalfinanca.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.14.1
vary: Accept-Encoding
x-cache-status: HIT
x-powered-by: PHP/7.4.33

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 248ms
112ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

768075c747853b68420e44a72d6ceac1676edee011349dd318d1a48097b2af1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
etag: 387 / 20022 / 31088406 / config-hash: 7111543634931288829
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33431
x-xss-protection: 0
server: cafe

GET
H2 200 wrapper.v2.portalfinanca.com.js Show response
js.publinker.com/ 130 KB
35 KB 209ms
51ms Script
application/javascript 52.85.132.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.publinker.com/wrapper.v2.portalfinanca.com.js
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-85.iad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42117f44f51aa2b89a6c3e302db593716a79a5491b9b719386059d6a93f9c1e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-amz-version-id: 60ZuyrgrZgjUDapdJLoZCc534fLGD.v1
etag: W/"9c916b52e2862d56002831332778145f"
age: 224
expires: Wed, 23 Oct 2024 02:46:59 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9u-MRcOTpNO9JtiBjwwXgYERGgFI8ptiWaOhd4KQd47SUiCHt-xrZA==
date: Sat, 26 Oct 2024 12:21:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 02:42:00 GMT
cache-control: public, max-age=360
via: 1.1 6f18ca2e5109f8aa7cd1212932dc4e9a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 184fc27d6a.js Show response
kit.fontawesome.com/ 13 KB
5 KB 180ms
71ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/184fc27d6a.js
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b44cae8de48e1784a907040f180d673f61015f10e0e5497656f20b05062147

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 3000
x-request-id: GAIAK60HYafoGP2Y9M_C
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: HIT
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d8a6d03ffa07145-YUL
access-control-allow-origin: *
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 core.css
portalfinanca.com/wp-content/plugins/look-ruby-core/assets/ 3 KB
928 B 33ms
30ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/plugins/look-ruby-core/assets/core.css?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 90c98c6ba03264ccfb2fbedb93df6e1563ae25ced01433aed386e0cc9a0a0867

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"607458b2-b00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Mon, 12 Apr 2021 14:26:58 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
835 B 204ms
93ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arial%2C+Helvetica%2C+sans-serif%3A400%7CPoppins%3A700%2C400%7CMontserrat%3A700%2C400%7CRaleway%3A400&font-display=swap&ver=5.5

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7896995fe3961a008e1d36c54e39397dc76fd05968dd7be124de75963eb2ac3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 12:24:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.min.css
portalfinanca.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 35ms
32ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"65d4a698-1ae43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Tue, 20 Feb 2024 13:18:16 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 external-style.css
portalfinanca.com/wp-content/themes/look/assets/external/ 120 KB
20 KB 35ms
33ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/external/external-style.css?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 764fe762d293e74891ca73403f8aca55db4a43b9beafe784856cd82511497ade

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"605976e7-1df7b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Tue, 23 Mar 2021 05:04:39 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 theme-style.css
portalfinanca.com/wp-content/themes/look/assets/css/ 146 KB
22 KB 50ms
48ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/css/theme-style.css?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 95ae52ac801c76322fb95112873bd566f480cb678d7f331871c1c1c32e007e1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"656f310c-2493b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Tue, 05 Dec 2023 14:17:48 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 theme-responsive.css
portalfinanca.com/wp-content/themes/look/assets/css/ 50 KB
7 KB 62ms
60ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/css/theme-responsive.css?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: ecb826b055454521c9f334c5effc5138ef31d5ed66afb9a6bc5a1d51d6f65325

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"605976e7-c84c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Tue, 23 Mar 2021 05:04:39 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 style.css
portalfinanca.com/wp-content/themes/look/ 506 B
495 B 61ms
60ms Stylesheet
text/css 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/style.css?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: e01a1ef36d2d558cec017b95826d971963fffb3af481fc49d9df3b63c7c4f2ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"615f5fc1-1fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Thu, 07 Oct 2021 20:59:45 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 76 KB
2 KB 172ms
62ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&font-display=swap&ver=1717511690

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1a57bf4789f61e62f803ff2d0f1836fae431a388e0ac93bb333bebcff2484b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 12:24:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.min.js Show response
portalfinanca.com/wp-includes/js/jquery/ 86 KB
30 KB 62ms
60ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"65d4a698-15601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 13:18:16 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
portalfinanca.com/wp-includes/js/jquery/ 13 KB
5 KB 63ms
62ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"65d4a698-3509"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 13:18:16 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 184ms
79ms Script
text/javascript 173.194.207.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6916247838953721

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f154.1e100.net

Software

cafe /

Resource Hash

1b10863cc99e782eaa4ec06571512b9f4b0bdb5670058097ca56f1cfa61f85a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
etag: 5677248163162728023
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53297
x-xss-protection: 0
server: cafe

GET
H2 200 auxilio-3.png
portalfinanca.com/wp-content/uploads/2020/12/ 5 KB
5 KB 64ms
63ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2020/12/auxilio-3.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 4c1a398a388e7935642179d2512ff37613fa5a5cf48eba0a67ff61828597f8b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "60f1755f-128b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 4747
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Fri, 16 Jul 2021 12:02:39 GMT
server: nginx/1.14.1

GET
H2 200 Solicite-Facil-2-760x500.png
portalfinanca.com/wp-content/uploads/2024/10/ 459 KB
460 KB 63ms
62ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Solicite-Facil-2-760x500.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: ff94ffa02873ac7aa1b12b9cea60e6754dfcb87a0c6e568bbbe6981b7406c9e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67163cd5-72c22"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 470050
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 11:36:53 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-39-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 114 KB
115 KB 78ms
77ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-39-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 6aec037d5cc0125838615de358e5b6598bd60703bd2aabf6c310e4602e37c37d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67171a9e-1c9a3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 117155
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 03:23:10 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-6-360x250.png
portalfinanca.com/wp-content/uploads/2023/10/ 28 KB
28 KB 43ms
43ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2023/10/Portal-Financa-6-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: f31d518590c19c16ed33c9ee65359a64d6d2ce0da942c7c897ce9ad18157286a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "651de46b-6e42"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 28226
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Wed, 04 Oct 2023 22:17:15 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-38-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 88 KB
88 KB 33ms
30ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-38-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 22718f1fecc94e0174f36d829a5fdfc2be71b7f802230cc07e7bfa44f841bfae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67171889-16061"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 90209
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 03:14:17 GMT
server: nginx/1.14.1

GET
H2 200 Solicite-Facil-2-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 141 KB
142 KB 35ms
33ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Solicite-Facil-2-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 61bca7389b567b18af731514a7de85ac66ae1c9e36420b5c128f6128b52dd83d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67163cd5-235c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 144839
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 11:36:53 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-3-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 108 KB
109 KB 75ms
73ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-3-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 7c03c60d9180fa0edac38949134bfb3999329a1d7b372f11efc30890136e6456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671462f6-1b14b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 110923
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sun, 20 Oct 2024 01:55:02 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-1-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 104 KB
104 KB 76ms
74ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-1-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 064b913fe1422aa76a1df71a0edb3ef6a910af95caa3d4d6d5c2a0c80eccaae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67132b48-19f92"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 106386
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sat, 19 Oct 2024 03:45:12 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 165 KB
166 KB 77ms
75ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 96d16fb3a6a711b40f773981f2620b944cfeb6c3fc8cbf12e05f77a3929a6085

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671327d0-2959f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 169375
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sat, 19 Oct 2024 03:30:24 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-34-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 129 KB
129 KB 78ms
76ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-34-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 7672c61a038975e758ccf9b28396eee3eb128e0f7be196f6849a5a4cf8e23b75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "670d1b8b-203a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 132000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Mon, 14 Oct 2024 13:24:27 GMT
server: nginx/1.14.1

GET
H2 200 core.js Show response
portalfinanca.com/wp-content/plugins/look-ruby-core/assets/ 278 B
385 B 29ms
29ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/plugins/look-ruby-core/assets/core.js?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: d68e777f867ba8ce08025bbbf83756fa3ae263592894525d87727c1d9b2e8bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"607458b2-116"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Mon, 12 Apr 2021 14:26:58 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 external-script.js Show response
portalfinanca.com/wp-content/themes/look/assets/external/ 149 KB
43 KB 32ms
32ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/external/external-script.js?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 8495124a0f308a611d0d617588194407fcfabcb479f90e5d634d087020ae0093

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"605976e7-25571"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Tue, 23 Mar 2021 05:04:39 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H2 200 theme-script.js Show response
portalfinanca.com/wp-content/themes/look/assets/js/ 56 KB
9 KB 31ms
31ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/js/theme-script.js?ver=5.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: ff8ebf0650a50eb0d582d572f34878d70e4f5e198aec47e3099bc9e3e700aa94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"605976e7-e1f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Tue, 23 Mar 2021 05:04:39 GMT
server: nginx/1.14.1
vary: Accept-Encoding

OPTIONS
H2 200 checker
ivt.publinker.com/ Frame 0
0 230ms
46ms Preflight
application/json 54.90.24.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ivt.publinker.com/checker?d=portalfinanca.com&r=&type=display&sid=undefined-portalfinanca.com&c=undefined-undefined-undefined-undefined-undefined&cust=undefined-undefined&cust2=undefined&cust3=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.90.24.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-24-34.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://portalfinanca.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 26 Oct 2024 12:24:53 GMT
x-amz-apigw-id: AQffaGy5oAMELYA=
x-amzn-requestid: 57ae74f5-dc10-4dff-9aa9-b85ed9a97b35

GET
H2 200 checker Show response
ivt.publinker.com/ 32 B
350 B 89ms
88ms XHR
application/json 54.90.24.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ivt.publinker.com/checker?d=portalfinanca.com&r=&type=display&sid=undefined-portalfinanca.com&c=undefined-undefined-undefined-undefined-undefined&cust=undefined-undefined&cust2=undefined&cust3=undefined
Requested by: Host: js.publinker.com
URL: https://js.publinker.com/wrapper.v2.portalfinanca.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.90.24.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-24-34.compute-1.amazonaws.com
Software: /
Resource Hash: 6fc4530a05f03426345d0be8fffa12ebe223830df2940ca8646ba7c9ea0d248c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8;
Referer: https://portalfinanca.com/

Response headers

x-amz-apigw-id: AQffaHmVoAMEUgA=
x-amzn-trace-id: Root=1-671cdf95-78c8ac1f45d81fed7af90305;Parent=3604b35b05a83140;Sampled=0;Lineage=1:35caa916:0
x-amzn-requestid: 6f01db03-2581-4b15-928c-6ab228e2713d
access-control-allow-origin: *
content-length: 32
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/json
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key

GET b45a6ce2-930f-4023-8b32-3f5898eebfa9
https://portalfinanca.com/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
99 KB 183ms
66ms Script
application/javascript 2607:f8b0:400d:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXWN8X2

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b280f8cb68e50e9f8dd035dfc9945209901e8f54e9024e17016df78be932baf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100982
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 146ms
58ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=184fc27d6a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/184fc27d6a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
age: 155832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WI2mdqTf9mp4k%2BmxxluHxXN3WGgvOaG1qxK1z5WKXg6a2bXP7Dp4jNx7ZUkBBvuV6KoXNaxaLJqXVYh5Bm1PUkLYS7IICuCqAk7nzpjbiG%2BgerHrDitI0EAjczaJUkghuutpd9wkjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: j40F18yo52mcwfgw0cGU4tpAmND67EmQpvcuPtcT1Yg8g138EK_41Q==
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=36108&sent=17&recv=10&lost=0&retrans=0&sent_bytes=11132&recv_bytes=6265&delivery_rate=92485&cwnd=12000&unsent_bytes=0&cid=e3c27fd4e4e12455&ts=64&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
cf-ray: 8d8a6d056af4a20a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YUL62-C2
server: cloudflare

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 134ms
47ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=184fc27d6a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/184fc27d6a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
age: 808918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpOQpEE3F78c3bHjK6Bz5ePKs4nwd%2BQv%2BlEh9oAZINhlXHwjIy%2BDZE6xERaHAxalhUvulfhgaD1obgQtfXpQPV3QlAxnA9ToogpQ27uzSlgiruFuDy4jDo9wVWzjk1Lh23EbefocXg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8KDrOV3roR_BqHPvTx9FkzzLHOJMZQArK68YrRAnhQwqQyq-JVfPjA==
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=36108&sent=10&recv=10&lost=0&retrans=0&sent_bytes=4158&recv_bytes=6265&delivery_rate=92485&cwnd=12000&unsent_bytes=0&cid=e3c27fd4e4e12455&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 9d74a9927aad686263db138d3a81a4aa.cloudfront.net (CloudFront)
cf-ray: 8d8a6d056af6a20a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 135ms
48ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=184fc27d6a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/184fc27d6a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
age: 1201163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVX54TR6SSKsjx9LvV%2BIAcUvQkXYSfPBKF219ojxfgs9Sg1BG1RouUCV3YBKHRMfia%2Fhn0JBXi46ba5nGvTEFHL%2FuI4iqLMezWP%2FceBjLLZtfcv4MJ8GSsi1V4VNK2emy1upvwqalg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FRS412jkj4bGeDtUfrYxQB8lO45J6QueHP59RszHfJ7_cGl6mrPnzw==
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=36108&sent=15&recv=10&lost=0&retrans=0&sent_bytes=9407&recv_bytes=6265&delivery_rate=92485&cwnd=12000&unsent_bytes=0&cid=e3c27fd4e4e12455&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 0a472f56811a2c400131d34f5ca0c46e.cloudfront.net (CloudFront)
cf-ray: 8d8a6d056af2a20a-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YTO50-P3
server: cloudflare

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 500ms
44ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 160
x-cache: Hit from cloudfront
x-amz-cf-id: I4Ufor0np8p9gvJw36GMLdK9oVCwbRM_klDSjGqjjVunMZBorpyTZg==
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 266ac52f1cf22bd836a3ed8dfdd6f30c.cloudfront.net (CloudFront)
cf-ray: 8d8a6d07df6da2f2-YUL
x-amz-cf-pop: ATL59-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fontawesome-webfont.woff2
portalfinanca.com/wp-content/themes/look/assets/external/fonts/ 70 KB
70 KB 55ms
53ms Font
application/octet-stream 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/external/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/wp-content/themes/look/assets/external/external-style.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://portalfinanca.com/wp-content/themes/look/assets/external/external-style.css?ver=5.5

Response headers

accept-ranges: bytes
content-length: 71896
date: Sat, 26 Oct 2024 12:24:53 GMT
etag: "605976e7-118d8"
content-type: application/octet-stream
last-modified: Tue, 23 Mar 2021 05:04:39 GMT
server: nginx/1.14.1

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 148ms
92ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arial%2C+Helvetica%2C+sans-serif%3A400%7CPoppins%3A700%2C400%7CMontserrat%3A700%2C400%7CRaleway%3A400&font-display=swap&ver=5.5

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://fonts.googleapis.com/

Response headers

age: 298554
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 01:28:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:28:59 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 164ms
108ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://fonts.googleapis.com/

Response headers

age: 347008
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 12:01:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 12:01:25 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 119ms
64ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&font-display=swap&ver=1717511690

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://fonts.googleapis.com/

Response headers

age: 301020
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 00:47:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 00:47:53 GMT
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34288
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 117ms
61ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://portalfinanca.com
Referer: https://fonts.googleapis.com/

Response headers

age: 301080
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 00:46:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 00:46:53 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/ 484 KB
150 KB 54ms
54ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088406

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

9d8079bd87d18a999fd66ac9a8180a5e3dcc98f2026bb55c7b0bfadf320e9550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
etag: 8346487463128917563
age: 6135
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 10:42:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 26 Oct 2024 10:42:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153236
x-xss-protection: 0
server: cafe

GET
H2 200 Portal-Financa-3-300x270.png
portalfinanca.com/wp-content/uploads/2024/10/ 101 KB
101 KB 34ms
32ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-3-300x270.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: d91d97ae8e8037e6512a08d82ea9e37f9df820596dffe32bba1763c78a0b48c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671462f6-1926e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 103022
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sun, 20 Oct 2024 01:55:02 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-1-300x270.png
portalfinanca.com/wp-content/uploads/2024/10/ 96 KB
96 KB 40ms
38ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-1-300x270.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: abf9ddda8b71aab0a17a5ff9630bcaa772589eecf506952a184f11509fbeb64e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "67132b48-17e74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 97908
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sat, 19 Oct 2024 03:45:12 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-300x270.png
portalfinanca.com/wp-content/uploads/2024/10/ 149 KB
149 KB 86ms
84ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-300x270.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: aebf75e4dc9b083db7cd09fc79267c3947bce5c37295669102c29782ce620bd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671327d0-25322"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 152354
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Sat, 19 Oct 2024 03:30:24 GMT
server: nginx/1.14.1

GET
H2 200 Portal-Financa-34-300x270.png
portalfinanca.com/wp-content/uploads/2024/10/ 119 KB
119 KB 103ms
102ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Portal-Financa-34-300x270.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: dce63decd0d4269fec64a41dff6c2ad59460baad18f42c78a4f029d836ce6eec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "670d1b8b-1da2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 121387
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Mon, 14 Oct 2024 13:24:27 GMT
server: nginx/1.14.1

GET
H2 200 Solicite-Facil-2-1-760x500.png
portalfinanca.com/wp-content/uploads/2024/10/ 432 KB
432 KB 104ms
103ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Solicite-Facil-2-1-760x500.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 04d1352285efa1c941056333bd89b3f893a1933b072189dc7a4d88f8f4b8076b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671a37dd-6bea6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 442022
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 12:04:45 GMT
server: nginx/1.14.1

GET
H2 200 Solicite-Facil-360x250.png
portalfinanca.com/wp-content/uploads/2024/10/ 144 KB
144 KB 122ms
121ms Image
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalfinanca.com/wp-content/uploads/2024/10/Solicite-Facil-360x250.png
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: cdfbff51e1eb4b91b10849598fc78674de7a4bdf43fcf780e0a5cc5bf4bc9e8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "671a2c0c-24048"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 147528
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 11:14:20 GMT
server: nginx/1.14.1

GET
H2 200 pub.png
secure.lomadee.com/ 70 B
292 B 184ms
43ms Image
image/png 18.160.18.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.lomadee.com/pub.png?pid=22971369
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.18.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-18-55.iad12.r.cloudfront.net
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

age: 8932715
via: 1.1 665d1c5fbd9802ee4a4f61e7446fc81e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 70
x-amz-cf-id: J0SorqDh5qNQDgp_eCIVXY9HW2uOHvac0g8-EHuLDuJava4pzrRJ9Q==
date: Mon, 15 Jul 2024 03:06:18 GMT
content-type: image/png
x-amz-cf-pop: IAD12-P4

GET
H2 200 wp-emoji-release.min.js Show response
portalfinanca.com/wp-includes/js/ 18 KB
5 KB 87ms
85ms Script
application/javascript 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.5
Requested by: Host: portalfinanca.com
URL: https://portalfinanca.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"65d4a698-4904"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 13:18:16 GMT
server: nginx/1.14.1
vary: Accept-Encoding

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/ 435 KB
145 KB 88ms
87ms Script
text/javascript 173.194.207.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088451

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6916247838953721

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f154.1e100.net

Software

cafe /

Resource Hash

b16cdbe7c07e446bd07dd84df2f8eb7e94ff625fc726ac773f85328ea23baa56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
etag: 136933858786132635
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148304
x-xss-protection: 0
server: cafe

GET
H2 200 21871672706 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 218ms
107ms Script
application/javascript 2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21871672706?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99b7e675ac24ba5554b2036b69854589157e5eee568e7d586c1906e75e2eab1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uP54dWAFV4boSWbThf10Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBxT93_ewSbQ8fnDUyYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIyM9A4P4AgMA47tJjQ"
content-security-policy: script-src 'report-sample' 'nonce-uP54dWAFV4boSWbThf10Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 200 collect
www.google.com/ccm/ 0
0 197ms
92ms Ping
text/html 209.85.201.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fportalfinanca.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1797060481.1729945494&auid=1674470843.1729945494&npa=0&gtm=45He4ao0v837658846za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848&tft=1729945493633&tfd=855&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXWN8X2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.85.201.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qu-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
96 KB 66ms
65ms Script
application/javascript 2607:f8b0:400d:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PS06DSM40X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXWN8X2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fcd4e657b357a127135203df54fa73d0865993b91d7dc94392c9df19aee7860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 12:24:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97795
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 122ms
45ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXWN8X2

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4407, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4ngOEh2dHeD5JwvNNm5WkhprpeQLjJ7ZDdAocrBOjo6nmbHy0wTc1mfeneF4fzClNJVBzKLwKPzUV4QwcYXbhA==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' data: blob: *;script-src 'report-sample' 'nonce-Wgdierqm' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 integrate_4b9aff9a56e794354d42c4de1398d973.js Show response
cdn.pushalert.co/ 248 KB
45 KB 260ms
87ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushalert.co/integrate_4b9aff9a56e794354d42c4de1398d973.js

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

2ecbba9a7e691ccba4807a656ef327a88f0c5dad7a566d21db4888a4a857646d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cdn-status: 200
content-encoding: br
x-content-type-options: nosniff
date: Sat, 26 Oct 2024 12:24:53 GMT
last-modified: Fri, 14 Jun 2024 16:58:35 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains
cdn-cachedat: 10/16/2024 16:59:11
content-security-policy: frame-ancestors 'self';
cache-control: public, max-age=8640000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 1668653e-62f3-41a8-943a-09aa7358583c
cdn-requestid: f051aa36fee69ac687fc0fd6c13bba42
cdn-pullzone: 1594972
cdn-proxyver: 1.04
x-xss-protection: 1; mode=block
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: CA

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame E20B 0
0 151ms
53ms Document
text/html 2607:f8b0:400d:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportalfinanca.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXWN8X2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 12:24:53 GMT
expires: Sun, 26 Oct 2025 12:24:53 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 164ms
54ms Fetch
text/plain 2607:f8b0:400d:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PS06DSM40X&gtm=45je4ao0v9164822823z8837658846za200zb837658846&_p=1729945493247&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848&cid=1389155437.1729945494&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729945493&sct=1&seg=0&dl=https%3A%2F%2Fportalfinanca.com%2F&dt=PortalFinan%C3%A7a.com%20-%20Para%20quem%20busca%20informa%C3%A7%C3%A3o&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=990
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PS06DSM40X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portalfinanca.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
546 B 160ms
51ms Ping
text/plain 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PS06DSM40X&cid=1389155437.1729945494&gtm=45je4ao0v9164822823z8837658846za200zb837658846&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PS06DSM40X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portalfinanca.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 67F9 0
0 168ms
61ms Document
text/html 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PS06DSM40X&gacid=1389155437.1729945494&gtm=45je4ao0v9164822823z8837658846za200zb837658846&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848&z=1117649374

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PS06DSM40X&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 12:24:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 478ms
423ms Image
image/gif 173.194.66.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PS06DSM40X&cid=1389155437.1729945494&gtm=45je4ao0v9164822823z8837658846za200zb837658846&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=2137261557

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 26 Oct 2024 12:24:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
333 B 242ms
129ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=477298147&u=https%3A%2F%2Fportalfinanca.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

284689645483bcb51b0e4d7f871b3c56829743164aa78d72f3fd522b2f75ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 66
cf-ray: 8d8a6d090811a30c-YUL
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
497 B 239ms
128ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=67689392&u=https%3A%2F%2Fportalfinanca.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

3fadf2d1002db194d57dc65a6f442bdb3d79ea28a6e31889bdf73ae062e52b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 65
cf-ray: 8d8a6d090814a30c-YUL
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

GET
H3 200 345728691700114 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 97ms
97ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/345728691700114?v=2.9.174&r=stable&domain=portalfinanca.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

cd8870d57e781e1d347f361f7e60e890ab2f0299b67075f6945ac35d6b34e2ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-bR5PLpGw' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-bR5PLpGw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=75, mss=1232, tbw=68399, tp=66, tpl=0, uplat=53, ullat=0
pragma: public
x-fb-debug: hV+g7H6oLGibkhp4H1kbMD1FJaTmh3vlBSufqpxgrHhNNGLBptSh2740qS4rD+9o08rnov6DF5jzegunAlrg2Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame 5B51 0
0 153ms
51ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088451

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 50211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Oct 2024 22:28:03 GMT
etag: 13108003645644964576
expires: Fri, 08 Nov 2024 22:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUxdjtMhGCoDYFdUKTDYPlCjEtz7XlEHRfBgMikR-LWJmiWo6BEkaIJMmmk9P4g5dxKmkMlZPpV0e1Fmx4noBc3ekbUwfilY3in6EYR1UFSoVuh_D119um7dDszroKgwpNJgbSnWA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
69ms Script
application/javascript 2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUxdjtMhGCoDYFdUKTDYPlCjEtz7XlEHRfBgMikR-LWJmiWo6BEkaIJMmmk9P4g5dxKmkMlZPpV0e1Fmx4noBc3ekbUwfilY3in6EYR1UFSoVuh_D119um7dDszroKgwpNJgbSnWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5OTQ1NDkzLDkzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wb3J0YWxmaW5hbmNhLmNvbS8iLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba454cfa5b97e7f2755d201e43fa99377488368291dbf6504adad057073ef99b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qThkXMehKJxjEfkzGPvajg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBxT93_ewSbw4977c8xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA8I9J0Q"
content-security-policy: script-src 'report-sample' 'nonce-qThkXMehKJxjEfkzGPvajg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame E3E7 0
0 161ms
76ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6916247838953721&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729945493&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fportalfinanca.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729945493480&bpp=3&bdt=511&idt=217&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8682628070625&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95346096%2C31087700%2C95343681%2C95344189%2C95344791%2C95345270%2C31088451%2C95344978%2C95345789&oid=2&pvsid=3005698227384341&tmod=315518990&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=463

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088451

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 12:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 252E 0
0 154ms
52ms Document
text/html 173.194.204.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410230101/pubads_impl.js?cb=31088406

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f154.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29523
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 12:08:24 GMT
expires: Sat, 26 Oct 2024 12:58:24 GMT
last-modified: Mon, 21 Oct 2024 19:45:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 138ms
43ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=345728691700114&ev=PageView&dl=https%3A%2F%2Fportalfinanca.com&rl=&if=false&ts=1729945493970&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1729945493969.266970843192307141&pm=1&hrl=ce3606&ler=empty&cdl=API_unavailable&it=1729945493826&coo=false&tm=1&cs_cc=1&cas=8108322912592038%2C8093284510765809%2C7554894504640133%2C7703542596350251%2C8016552985028136&rqm=GET

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2899, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 201ms
106ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=345728691700114&ev=PageView&dl=https%3A%2F%2Fportalfinanca.com&rl=&if=false&ts=1729945493970&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1729945493969.266970843192307141&pm=1&hrl=ce3606&ler=empty&cdl=API_unavailable&it=1729945493826&coo=false&tm=1&cs_cc=1&cas=8108322912592038%2C8093284510765809%2C7554894504640133%2C7703542596350251%2C8016552985028136&rqm=FGET

Requested by

Host: portalfinanca.com
URL: https://portalfinanca.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430059321897517817"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: TlSScOBdTgjy3jgNKEjI364Z0BJLu/zXKjSdLqmEwRvLtDjH4rRoYOsvt2gh9L8+TzumbRogrrNj5pEy4zrZUw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430059321897517817", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=3217, tp=-1, tpl=-1, uplat=60, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 AGSKWxUeIsLTTR68hcLAWwe-ka3fdEPmB8DzKRT-1olBgzYO79Fi4jdNd2pdPTp8UVtl0j6ZtkK21tVLDuj3jkqh49ZWlpPqcMeK7r13lrLF-5PyoeYRKHpeAOc1j-P2RkbW7lvD8_lptg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 72ms
72ms Script
application/javascript 2607:f8b0:400d:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUeIsLTTR68hcLAWwe-ka3fdEPmB8DzKRT-1olBgzYO79Fi4jdNd2pdPTp8UVtl0j6ZtkK21tVLDuj3jkqh49ZWlpPqcMeK7r13lrLF-5PyoeYRKHpeAOc1j-P2RkbW7lvD8_lptg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5OTQ1NDk0LDEyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwicHQtUFQiXSwiaHR0cHM6Ly9wb3J0YWxmaW5hbmNhLmNvbS8iLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cfc44e61323460622af9cfb63dc183477c087d2b2096d4322d73c750a0303d6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t66pgtgHsLpaLpN-mN1QLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNCQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8d6Pl1iPAnGRxBXWBiC-3XSF9TEQM3y9wsoBxELcHNP2f97BJvDhcpO4kkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmhgZGRnoFBfIEBAPp5TbM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t66pgtgHsLpaLpN-mN1QLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
42 B 187ms
79ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=67689392&prismid=850570f8-16d4-48be-ad41-af0107be9af5&url=https%3A%2F%2Fportalfinanca.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
cf-ray: 8d8a6d0a8d5ea2ed-YUL
content-length: 0
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/8.1.30
server: cloudflare

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 184ms
77ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=477298147&prismid=fb27af59-9032-4dc0-819c-351167c0a5c0&url=https%3A%2F%2Fportalfinanca.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 10
cf-ray: 8d8a6d0a8d5ca2ed-YUL
content-length: 0
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/8.1.30
server: cloudflare

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 16 KB
12 KB 168ms
105ms XHR
application/json 173.194.66.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088451

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f157.1e100.net

Software

cafe /

Resource Hash

90c23032059c776285dd90ca4c375da1e37d570b8befde0ec376ba50e6fc9639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12706
date: Sat, 26 Oct 2024 12:24:54 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 1 Show response
portalfinanca90.pushalert.co/optin/ 15 B
203 B 272ms
115ms Fetch
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca90.pushalert.co/optin/1
Requested by: Host: cdn.pushalert.co
URL: https://cdn.pushalert.co/integrate_4b9aff9a56e794354d42c4de1398d973.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://portalfinanca.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-origin: *
content-length: 41
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Google Frontend
x-cloud-trace-context: 1ebba15c146655a539e4ce4f19c3cb06

GET
H2 200 favicon.png
portalfinanca.com/wp-content/themes/look/assets/images/ 3 KB
3 KB 31ms
30ms Other
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/themes/look/assets/images/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: 1a72ccbbec87c3313d49079127d42e3b54364dc0097310d7f56065d19d6c1927

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "60f8246f-cde"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 3294
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 13:43:11 GMT
server: nginx/1.14.1

GET
H2 200 cropped-FAVICON-PortalFinanca.com-1-32x32.png
portalfinanca.com/wp-content/uploads/2020/12/ 681 B
861 B 29ms
29ms Other
image/png 158.69.126.217
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://portalfinanca.com/wp-content/uploads/2020/12/cropped-FAVICON-PortalFinanca.com-1-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.126.217 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522508.ip-158-69-126.net
Software: nginx/1.14.1 /
Resource Hash: c1c266ab449e0154f6564ecb04a10fcea0725b3529c00e3f41852a00938b1489

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

cache-control: max-age=315360000
etag: "5fda9ee8-2a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 681
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 23:57:28 GMT
server: nginx/1.14.1

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 145ms
47ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4FEF 0
0 129ms
45ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 11:50:30 GMT
expires: Sat, 26 Oct 2024 12:40:30 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 3B88 0
0 177ms
76ms Document
text/html 209.85.201.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f103.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fcgkj8LZ4w88bC1sv2kNRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalfinanca.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Fcgkj8LZ4w88bC1sv2kNRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 12:24:54 GMT
expires: Sat, 26 Oct 2024 12:24:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 serv.ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxWpHBR36vT2gswL81vFiEHHNtgjAIZh8v8-E0OSJKsgy5srWQ10QtW1fTCatt6JxiomX4nwvZQxsDHOVOnovubA1DrZlfaFTJkFyD0uGnlqpI9ecm74EpfpiBOO2g2ef7xtTDeQ0iMgTQl4_b0mGeX8KD4zk... 54 B
109 B 99ms
98ms Script
application/javascript 173.194.205.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWpHBR36vT2gswL81vFiEHHNtgjAIZh8v8-E0OSJKsgy5srWQ10QtW1fTCatt6JxiomX4nwvZQxsDHOVOnovubA1DrZlfaFTJkFyD0uGnlqpI9ecm74EpfpiBOO2g2ef7xtTDeQ0iMgTQl4_b0mGeX8KD4zk66adV2gr7k0ffqC5Nl-qwHdUJD73pIF/_-ad-unit//news_ad./adifyids.&adbannerid=/serv.ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxuVcR4z_ar3ILCbuu4kOfZio42Ig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

4c3b8df6ac314bfac86cbeac9407668ebfc5c188ce38dd8afc7f49f1b293b33c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NLOITNiJCWJkzsziwNiAcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NSQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8d6Pl1iPAnGRxBXWBiC-3XSF9TEQM3y9wsoBxEI8HNP2f97BJrDj_5YXTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgZGRnoGBvEFBgBhRE6o"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NLOITNiJCWJkzsziwNiAcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 74ms
74ms Script
text/javascript 173.194.207.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f154.1e100.net

Software

cafe /

Resource Hash

661dc25d20183b4d270f97f0f846cfba134999d8f6f0d5ae1b5d30b302a3ce5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: br
etag: 9752869073405330590
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 12:24:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53291
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 150ms
94ms XHR
text/html 173.194.205.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GudamAHGuHwiaIvLQVk5cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gRmfHjQyK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAGrBLjg"
content-security-policy: script-src 'report-sample' 'nonce-GudamAHGuHwiaIvLQVk5cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GZH1NCKy8bc9D-xnUmUm8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gY6jJ1uZlVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJIRDrGZjHFxgAAFdgLfA"
content-security-policy: script-src 'report-sample' 'nonce-GZH1NCKy8bc9D-xnUmUm8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YDRTaOGGSBEFFcyPxqcuaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gQ_N96YwK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAGdZLi4"
content-security-policy: script-src 'report-sample' 'nonce-YDRTaOGGSBEFFcyPxqcuaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zJsWgtKMlcxlNyckq0k0gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gYanK6YxK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAFbXLfI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zJsWgtKMlcxlNyckq0k0gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxX0Ir3HRGKmXRIhFnEZBFQ3_Djv1shEkXSzOip4hLVPnsldDkEAuPtA-sTgFoQVYyqM9BoRERyBL1JUrF4Sm6S3EJc9DI0dgLX_LA5QKRdj8yJAan-WE--91cCTVsy7MfV4LhCfIA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
80ms Script
application/javascript 173.194.205.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX0Ir3HRGKmXRIhFnEZBFQ3_Djv1shEkXSzOip4hLVPnsldDkEAuPtA-sTgFoQVYyqM9BoRERyBL1JUrF4Sm6S3EJc9DI0dgLX_LA5QKRdj8yJAan-WE--91cCTVsy7MfV4LhCfIA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5OTQ1NDk0LDc5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wb3J0YWxmaW5hbmNhLmNvbS8iLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

309e63c12ecf1e7c173f06316929ceb4f117361dcc22955696947d16388c0341

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cUN7Pb6EijA0B0YNC7tssw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBzT9n_ewSbw4-LdCcxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA3phJcg"
content-security-policy: script-src 'report-sample' 'nonce-cUN7Pb6EijA0B0YNC7tssw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGjZSFANK5TEsgoaZoD1uxWbVVytK4ZHra1UMSzO0b2FbFkHs8ZeVo74wWcVJ0bjIgGXEUKU197q7FXeluWzsAfnIr3jVnvfdrN1-fnhNKCxl7T5FCOkNaIk8Ix0CkftSkZyGm_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-06rpFqE6qpsEBhrb72vbGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gQXbj29gVnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAF_KLhY"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-06rpFqE6qpsEBhrb72vbGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVyHqBK9UTD7qzwSegBWlMyoHH-V6f55XWR4zcAu0VPumhN54HhSk5A5NxaJ8lASTEgLFMpIj8OzMtSjvSTerXLQNYAJVTV79qVI0Z0govM4-UttErR8L-tkahpkNU-ZDzFg6AFYw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 72ms
72ms Script
application/javascript 173.194.205.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVyHqBK9UTD7qzwSegBWlMyoHH-V6f55XWR4zcAu0VPumhN54HhSk5A5NxaJ8lASTEgLFMpIj8OzMtSjvSTerXLQNYAJVTV79qVI0Z0govM4-UttErR8L-tkahpkNU-ZDzFg6AFYw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5OTQ1NDk0LDg4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2LDE1XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wb3J0YWxmaW5hbmNhLmNvbS8iLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzIsIltudWxsLFtudWxsLDEsWzE3Mjk5NDU0OTQsODI3MjU1MDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

13b129369811e770f42d193d7755de4aee678e0526b1d4a28971b80c4776ee2a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qi3XJjF0fSRZoyeaHGpuSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://portalfinanca.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBzT9n_ewSbQMX_aNmYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIyM9A4P4AgMAvR1Isg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qi3XJjF0fSRZoyeaHGpuSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXLSR9D2gTQFUs6rsTPR-5ABEsBtq2LpfMH6i9eNi4HeXqQoF8Ydxtf-hK01o_CfHlN3GEvCsayHscFkEZ3nJxuYOZaD4F_fUmSVIDFfszp1ompR6W7mZySIvfYr4O4o9xPfWiJ1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 64ms
62ms XHR
text/html 173.194.205.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXLSR9D2gTQFUs6rsTPR-5ABEsBtq2LpfMH6i9eNi4HeXqQoF8Ydxtf-hK01o_CfHlN3GEvCsayHscFkEZ3nJxuYOZaD4F_fUmSVIDFfszp1ompR6W7mZySIvfYr4O4o9xPfWiJ1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lGOSSH_48GGQpmMstyafTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portalfinanca.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 12:24:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhmLb_8w42gQdf_lxjVnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAJ_ZLvI"
content-security-policy: script-src 'report-sample' 'nonce-lGOSSH_48GGQpmMstyafTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://portalfinanca.com
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalfinanca.com
URL: blob:https://portalfinanca.com/b45a6ce2-930f-4023-8b32-3f5898eebfa9

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=3005698227384341&bg=!MzClMH_NAAZ-RxQpXkc7ADQBe5WfOJ_5oFgXvfD0LbPZKOhIggB55GW4hT9Y93XyYdf4vASUhHAqe30rxxi5zXOXW4jdAgAAAENSAAAAA2gBB34ANhUA4w3PMa9ZuQxzGYsmoLa3RzWzHurOnyt1w7r8O51STZ5yoCDiY2Z4uS3q6_suwKMN2ho7WQoAYmNNtpwoTuzoXHz1lN5j8-WnP4UycRh_ua2OV5UbLh3bPO8osK-0GHHwf9CQZdNtCTyQshdwjbxj0qBZ3sU3u3lClgNXqXBb2g3whUFtfVb8iKTTRNzBBeRZY5nbDhY5gPaKmQKReVJDL_mfAbGebfdDggfFwC5sljyLtMqEUcwo5GhB0Z7jYnJ10-DBsAdgqu039l5GIIQh3tGiWjFlOZjRMGescAsUd86X_eGHVjNoJRy7XJZifKzdKC65WIGHeig7SCq01ZtFd-m5GaUnWrFMB5CETYFfUMbRr8ZeHH_1tFKhMyLhHx0F_IhV17MvxRRdllzA_YoKuo_t0MDGbSRgOkGxTBzmEJ37NgM4S5Ie2C5cxMoiBqELSDGcPYudqd0r50gwMqJCvz0GujGNcJJUrQbvKPRb44sGdTPVOBtIo48mfJqS14yz2sUOqZXtSnpTw7scBeiiAbHakuL7DnKAavHMmlq3uCgy1SlE86eu1qwmfix-3W_s_XfR-TmSEdBEutHd6NOOgV2oRHsVGP_BRMoXgN2cq7MKwWqbpTZQ6NVDwRf90H1wkfbJpwHYPXdRXhdj9vICRLVu2AhFQdn-LuPh9TUYa6WRCsxhfKg-kax-J2wVw38NFu9pwypCEFu3I2It-61S1ynOQjIrKOQlxvOsGX-NnYOrGa8XUJTd1AxeZHqXRdyBmlxKdnGyUf2N1dNKXbSVQRAYGZ0ANF80bLRfM67fa-lAEiMWAVaqFfjiyV0M78ZbL1FGLGLLCjGfy910GzyRtA2VB_IyGNhn72aByV9T5SkOKVDBGpOm8JAO3dR7EwrgGl309JeLpysLRIkPy_geXWljrkw4o4iIZmwlS_b5rmamcXEOxz3wFHjHQT7Jrg5rR2djtXUxqiL460ZHMbruWbOl5jmGbkZS3UiBf1L96HdBLWOKGRsLRXbJtHSi5breB6p4N7j0SyDyFwjVYh2HrqYHm47oWg9G7TUqGTHMuN0Kx9696UhyQ2Quy4Hu

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalfinanca.com/	1970-01-21 00:32:27	Name: pblk_sid Value: c7a48208-8104-441b-98bb-f4ddf1d49957
portalfinanca.com/	1970-01-21 00:33:51	Name: publinker_ecscore Value: 77
portalfinanca.com/	1970-01-21 00:33:51	Name: publinker_ecivttype Value: 1012
.portalfinanca.com/	1970-01-21 02:42:01	Name: _gcl_au Value: 1.1.1674470843.1729945494
.portalfinanca.com/	1970-01-21 10:08:25	Name: _ga_PS06DSM40X Value: GS1.1.1729945493.1.0.1729945493.60.0.0
.portalfinanca.com/	1970-01-21 10:08:25	Name: _ga Value: GA1.1.1389155437.1729945494
.doubleclick.net/	1970-01-21 00:32:26	Name: test_cookie Value: CheckForPermission
.portalfinanca.com/	1970-01-21 02:42:01	Name: _fbp Value: fb.1.1729945493969.266970843192307141
prism.app-us1.com/	1970-01-21 01:15:37	Name: prism_67689392 Value: 850570f8-16d4-48be-ad41-af0107be9af5
.portalfinanca.com/	1970-01-21 01:15:37	Name: prism_67689392 Value: 850570f8-16d4-48be-ad41-af0107be9af5
prism.app-us1.com/	1970-01-21 01:15:37	Name: prism_477298147 Value: fb27af59-9032-4dc0-819c-351167c0a5c0
.portalfinanca.com/	1970-01-21 01:15:37	Name: prism_477298147 Value: fb27af59-9032-4dc0-819c-351167c0a5c0
.portalfinanca.com/	1970-01-21 09:18:01	Name: FCNEC Value: %5B%5B%22AKsRol-hlySW144anIUB1VeO_y_4FEGrVeeYvjaVkU2bHNfAYvh3vRwTxoCyWRGvNv_0tSeGuaCTGBMgGBe_i_pKrhXMMi6bczaFy18Ko_J-vAOqEWQM6myPmMC84QZ-Otjj9Vk1ixI89_lFYZR7GEoqRRryQ-_Jmw%3D%3D%22%5D%2Cnull%2C%5B%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1729945494%2C827255000%5D%5D%5D%22%5D%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://portalfinanca.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.pushalert.co
connect.facebook.net
diffuser-cdn.app-us1.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ivt.publinker.com
js.publinker.com
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
portalfinanca.com
portalfinanca90.pushalert.co
prism.app-us1.com
secure.lomadee.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
trackcmp.net
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
portalfinanca.com
157.240.229.1
158.69.126.217
172.67.139.119
173.194.175.94
173.194.204.154
173.194.204.155
173.194.205.113
173.194.207.154
173.194.66.157
173.194.66.94
18.160.18.55
2001:4860:4802:38::15
209.85.201.103
209.85.201.147
209.85.201.155
2606:4700:4400::6812:22d6
2606:4700:4400::ac40:93bc
2606:4700::6811:1fae
2606:4700::6812:80d8
2607:f8b0:4004:c1b::84
2607:f8b0:400d:c01::9d
2607:f8b0:400d:c02::61
2607:f8b0:400d:c02::8b
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c04::65
2607:f8b0:400d:c0b::9a
2a03:2880:f103:181:face:b00c:0:25de
37.19.207.34
52.85.132.85
54.90.24.34
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04d1352285efa1c941056333bd89b3f893a1933b072189dc7a4d88f8f4b8076b
064b913fe1422aa76a1df71a0edb3ef6a910af95caa3d4d6d5c2a0c80eccaae1
0fcd4e657b357a127135203df54fa73d0865993b91d7dc94392c9df19aee7860
13b129369811e770f42d193d7755de4aee678e0526b1d4a28971b80c4776ee2a
1a72ccbbec87c3313d49079127d42e3b54364dc0097310d7f56065d19d6c1927
1b10863cc99e782eaa4ec06571512b9f4b0bdb5670058097ca56f1cfa61f85a8
22718f1fecc94e0174f36d829a5fdfc2be71b7f802230cc07e7bfa44f841bfae
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
284689645483bcb51b0e4d7f871b3c56829743164aa78d72f3fd522b2f75ae64
2ecbba9a7e691ccba4807a656ef327a88f0c5dad7a566d21db4888a4a857646d
309e63c12ecf1e7c173f06316929ceb4f117361dcc22955696947d16388c0341
3fadf2d1002db194d57dc65a6f442bdb3d79ea28a6e31889bdf73ae062e52b30
42117f44f51aa2b89a6c3e302db593716a79a5491b9b719386059d6a93f9c1e7
47b44cae8de48e1784a907040f180d673f61015f10e0e5497656f20b05062147
4c1a398a388e7935642179d2512ff37613fa5a5cf48eba0a67ff61828597f8b4
4c3b8df6ac314bfac86cbeac9407668ebfc5c188ce38dd8afc7f49f1b293b33c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
61bca7389b567b18af731514a7de85ac66ae1c9e36420b5c128f6128b52dd83d
661dc25d20183b4d270f97f0f846cfba134999d8f6f0d5ae1b5d30b302a3ce5c
6aec037d5cc0125838615de358e5b6598bd60703bd2aabf6c310e4602e37c37d
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fc4530a05f03426345d0be8fffa12ebe223830df2940ca8646ba7c9ea0d248c
764fe762d293e74891ca73403f8aca55db4a43b9beafe784856cd82511497ade
7672c61a038975e758ccf9b28396eee3eb128e0f7be196f6849a5a4cf8e23b75
768075c747853b68420e44a72d6ceac1676edee011349dd318d1a48097b2af1c
7896995fe3961a008e1d36c54e39397dc76fd05968dd7be124de75963eb2ac3a
7c03c60d9180fa0edac38949134bfb3999329a1d7b372f11efc30890136e6456
7cfc44e61323460622af9cfb63dc183477c087d2b2096d4322d73c750a0303d6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8495124a0f308a611d0d617588194407fcfabcb479f90e5d634d087020ae0093
90c23032059c776285dd90ca4c375da1e37d570b8befde0ec376ba50e6fc9639
90c98c6ba03264ccfb2fbedb93df6e1563ae25ced01433aed386e0cc9a0a0867
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95ae52ac801c76322fb95112873bd566f480cb678d7f331871c1c1c32e007e1b
96d16fb3a6a711b40f773981f2620b944cfeb6c3fc8cbf12e05f77a3929a6085
99b7e675ac24ba5554b2036b69854589157e5eee568e7d586c1906e75e2eab1f
9d8079bd87d18a999fd66ac9a8180a5e3dcc98f2026bb55c7b0bfadf320e9550
aa21b3d14448d5bc1d833cbbd29a8a9842750cf48135821fff03f4d2e60de366
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abf9ddda8b71aab0a17a5ff9630bcaa772589eecf506952a184f11509fbeb64e
aebf75e4dc9b083db7cd09fc79267c3947bce5c37295669102c29782ce620bd3
b16cdbe7c07e446bd07dd84df2f8eb7e94ff625fc726ac773f85328ea23baa56
b280f8cb68e50e9f8dd035dfc9945209901e8f54e9024e17016df78be932baf1
ba454cfa5b97e7f2755d201e43fa99377488368291dbf6504adad057073ef99b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1a57bf4789f61e62f803ff2d0f1836fae431a388e0ac93bb333bebcff2484b2
c1c266ab449e0154f6564ecb04a10fcea0725b3529c00e3f41852a00938b1489
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd8870d57e781e1d347f361f7e60e890ab2f0299b67075f6945ac35d6b34e2ca
cdfbff51e1eb4b91b10849598fc78674de7a4bdf43fcf780e0a5cc5bf4bc9e8b
d68e777f867ba8ce08025bbbf83756fa3ae263592894525d87727c1d9b2e8bb4
d91d97ae8e8037e6512a08d82ea9e37f9df820596dffe32bba1763c78a0b48c7
dce63decd0d4269fec64a41dff6c2ad59460baad18f42c78a4f029d836ce6eec
e01a1ef36d2d558cec017b95826d971963fffb3af481fc49d9df3b63c7c4f2ce
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ecb826b055454521c9f334c5effc5138ef31d5ed66afb9a6bc5a1d51d6f65325
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31d518590c19c16ed33c9ee65359a64d6d2ce0da942c7c897ce9ad18157286a
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff8ebf0650a50eb0d582d572f34878d70e4f5e198aec47e3099bc9e3e700aa94
ff94ffa02873ac7aa1b12b9cea60e6754dfcb87a0c6e568bbbe6981b7406c9e6

portalfinanca.com Open in urlscan Pro 158.69.126.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

98 %HTTPS

43 %IPv6

17 Domains

27 Subdomains

31 IPs

2 Countries

3664 kBTransfer

6515 kBSize

13 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portalfinanca.com Open in urlscan Pro
158.69.126.217 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

27
Subdomains

31
IPs

2
Countries

3664 kB
Transfer

6515 kB
Size

13
Cookies

91 HTTP transactions
0 data transactions