portalonbr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://criarcurricuads.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmVtcHJlc3RpbW9zJTJGZW1wcm...
Effective URL:
https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCam...
Submission: On June 13 via manual (June 13th 2022, 7:37:53 pm UTC) from BR — Scanned from DE

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalonbr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 25th 2021. Valid for: a year.

This is the only time portalonbr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.159.61.171 54.159.61.171	14618 (AMAZON-AES) (AMAZON-AES)
32	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
55	12

1 54.159.61.171 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-61-171.compute-1.amazonaws.com

criarcurricuads.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

portalonbr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	portalonbr.com portalonbr.com	557 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	248 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47 region1.google-analytics.com — Cisco Umbrella Rank: 35463	20 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	330 KB
4	google.com www.google.com — Cisco Umbrella Rank: 4 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2183	131 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	153 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 106	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	4 KB
1	acemlna.com 1 redirects criarcurricuads.lt.acemlna.com	365 B
55	9

	Domain	Requested by
32	portalonbr.com	portalonbr.com
5	www.googletagmanager.com	portalonbr.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	portalonbr.com securepubads.g.doubleclick.net
1	lh3.googleusercontent.com	portalonbr.com
1	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.google.com	portalonbr.com
1	criarcurricuads.lt.acemlna.com	1 redirects
55	12

This site contains links to these domains. Also see Links.

Domain
www.caixa.gov.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-25` - `2022-11-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
Frame ID: 69899D82B9FA66E268D1E2885F9B9B50
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Pessoal Caixa - Confira Tudo Sobre

Page URL History Show full URLs

https://criarcurricuads.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmVtcH... HTTP 302
https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

55
Requests

98 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1449 kB
Transfer

3418 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.caixa.gov.br/Paginas/home-caixa.aspx
Title: site oficial da Caixa;

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://criarcurricuads.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmVtcHJlc3RpbW9zJTJGZW1wcmVzdGltby1wZXNzb2FsJTJGZW1wcmVzdGltby1wZXNzb2FsLWNhaXhhLWNvbmZpcmEtdHVkby1zb2JyZSUyRiUzRnV0bV9zb3VyY2UlM0RBY3RpdmVDYW1wYWlnbiUyNnV0bV9tZWRpdW0lM0RlbWFpbCUyNnV0bV9jb250ZW50JTNEUHJvcG9zdGElMkJkZSUyQnJlZ3VsYXJpemElMjVDMyUyNUE3JTI1QzMlMjVBM28lMjUyMSUyNnV0bV9jYW1wYWlnbiUzREVtcHIlMjVDMyUyNUE5c3RpbW8lMkIyMCUyQi0lMkJBdGl2aWRhZGVzJTJCUmVjZW50ZXMlMkItJTJCUGVkcm9Qb3J0YWw=&sig=GFVwT5kssC3gFqb3gN8EwGrchhonmCi9NofKfcQxpiN3&iat=1655133538&a=%7C%7C225287073%7C%7C&account=criarcurricuads%2Eactivehosted%2Ecom&email=NO9osvRu7MdWG2eqvJWr2mQOP8ZXmRzMvz3Yw%2BcA7gI%3D&s=c4c68beaa041ba4ddd8273d9b652a2c1&i=508A512A1A1623 HTTP 302
https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/
Redirect Chain

https://criarcurricuads.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZwb3J0YWxvbmJyLmNvbSUyRmVtcHJlc3RpbW9zJTJGZW1wcmVzdGltby1wZXNzb2FsJTJGZW1wcmVzdGltby1wZXNzb2FsLWNhaXhhLWNvbmZp...
https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_...

84 KB
17 KB

707ms
605ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8394aa5eede6f370ec3bba3c4a6bfd79de735ed21efbd33cbb1fec8f9dc89708

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cache-status: BYPASS
cf-cache-status: DYNAMIC
cf-ray: 71ad485d58db9bdc-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 19:37:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
link: <https://portalonbr.com/wp-json/>; rel="https://api.w.org/" <https://portalonbr.com/wp-json/wp/v2/posts/3117>; rel="alternate"; type="application/json" <https://portalonbr.com/?p=3117>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
protected: by MS22051001
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxIgSDxC026AgGtRXDjR%2BVHI5Jri7XLH3kAcYE1mGomE9saL6gNm9GYv3gE%2Brmk4vPMi6BswpqVGoOCFUL89BKWt5dzxAbgu3Geh2SYWho42IWlga9BQw43znIgQknGicGQCZEyWtPr%2B0by7XA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-pingback: https://portalonbr.com/xmlrpc.php
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/json
date: Mon, 13 Jun 2022 19:37:45 GMT
location: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
x-amz-apigw-id: TrPBhG25IAMFfow=
x-amzn-requestid: 34f737b5-bbdb-4c12-baf7-ef8c62d14e99
x-amzn-trace-id: Root=1-62a79209-174a23965b486b284e061a85;Sampled=0

GET
H2 200 style.min.css
portalonbr.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 49ms
48ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.6

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW8z5t33FH91PrGajTx8pCI8edTIvQTJDEy8%2BT4Xb0W9oCmRo3YiI2%2F%2BGQRLJqq3RvX7uq5NWNRZK2ZQrphltEURUW5smf%2FI%2FYkcbD7iIsgTfTct7NC5z%2BgkjUqbtRch%2Bsm%2BMbcLmds5miNPlw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 08:23:42 GMT
server: cloudflare
etag: W/"6077f80e-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad486139a79bdc-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET bootstrap.min.css
portalonbr.com/wp-content/themes/Portalonbr/css/ 0
0

GET
H2 200 style.css
portalonbr.com/wp-content/themes/Portalonbr/ 37 KB
8 KB 65ms
64ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a6ca5e7abeae43d0e5f8f16875a6981ffd187218bf3a5c265b1d222b0437b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8ADtqX3kZqOBYx4e0HPdcQ73Hj4mI0vX%2BYst3c0GRmQSmIhh2%2FdWoxoDyQk7iqTOuT7FDpdiS6ZbSj4X9TSPeXpKP%2F4o5DZNVONvaFofAAGV%2FJgzQ2HbwP87MAHvs%2FKb2KiH%2FmhgUqzRGp1%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 15:24:36 GMT
server: cloudflare
etag: W/"62a4b3b4-9396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad486139ab9bdc-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
portalonbr.com/wp-includes/js/jquery/ 87 KB
32 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JLIPN7sVbiPblodJGM99pj2X9VQrVY6fCBzRnMs33OAmgIyo%2FQ3VndvCaAhvwEKvxxWBmCGayH8U8VjxFmFzbuS5rv556FJXkZ%2FBJO%2BOUU%2FzmKW%2BkaVaIrKdAWKamPOHSWhwPre5U0LETIfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Jan 2021 19:37:36 GMT
server: cloudflare
etag: W/"5ff61180-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad486139af9bdc-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
portalonbr.com/wp-includes/js/jquery/ 11 KB
5 KB 47ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FkLLOKiXIWn9BYR55jGXfXRGrw%2B3EA8OitbSkK2dtk%2FqRrvrtiQ3OQL7NDfEX2KDIZjyjMDgNYcRVwnPrY9DRnLhVD%2F2a6ldWy%2BKBuHu11IY2hFqSnHC9H10aJoMBmOqPonPJA2Iqifke2j%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Jan 2021 19:37:36 GMT
server: cloudflare
etag: W/"5ff61180-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad486139b09bdc-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 140ms
42ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

f1839fda0fa7d836ab229867ba5f9e7e49ba1a421abd53fd9db0c8bcc46fe7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28095
x-xss-protection: 0
server: sffe
etag: "1244 / 346 of 1000 / last-modified: 1655118506"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H3 200 logo2top.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 70 KB
71 KB 80ms
76ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/logo2top.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adebd190254b82d034e05a5fde9dc2088bf7388a15cd9a0e31c79ac143202810

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu%2FpYnk%2F4U1vfw9yCnQYAwYXn4HHz1%2FWHO9ufdA11xjFWnZINFAqKvxWWIpuYQ3pe3JG28TyOIknO2rgiSlvk%2FdCnhhs66GwR07u1%2F9NQQfT57lDcIs85DB%2FK55B6%2F80PVbB4KGuORu75FKvbA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71673
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-117f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd7e8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-Pessoal-Da-Agiplan-285x211.png
portalonbr.com/wp-content/uploads/ 22 KB
23 KB 189ms
185ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-Pessoal-Da-Agiplan-285x211.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b2f442bdbbdc8a66468a6c9ad7f0a6bb522af2a19b3106bb83b1511e53a441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg9ttrjKwpsMLSeigJLwVzb6h8zLt2NDfzzGsfhyORslOai2B010N8QvmM7zCZYpoiOSJL%2Bi6o%2FuiLPYygP4R415UKeX6i7XdNuTVEFY70r1pEafgSx97IniPpCtoQZ9a7Ktm9%2BAcmEH3nR5RA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22929
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Aug 2021 01:13:33 GMT
server: cloudflare
etag: "611475bd-5991"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd7f8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 PicPay-Emprestimo-285x211.jpg
portalonbr.com/wp-content/uploads/ 13 KB
13 KB 195ms
191ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/PicPay-Emprestimo-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174f15d5bc1218fed68d9a489dd724db7a750e5ef800785631bbb45c1b1be3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnenOXwDjNw8g1XDjn4BSD2mb%2FHXjxU7hW69VG5EaoCBdztDWB4whsWuLCHQLbXfVjfqX%2BSO2iV7gDJBzNaGzdk6yAiEejAu0SlEWI2KiIVWqyezJtsmGYYycPxgYFuFqUZT8CqqDl2F1M2xpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12826
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:09:34 GMT
server: cloudflare
etag: "618a8f2e-321a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd828fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-PicPay-1-285x211.png
portalonbr.com/wp-content/uploads/ 15 KB
16 KB 80ms
77ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-PicPay-1-285x211.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96eaa1828b339d5a83dd2d1f8153d3d02ebeabdf1112ee7e07018c773aaaabe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njX5uD%2Fv9pGFqT90gbOfJPBIQVJ%2F1Avck3YTqXqZAonOzxQ%2BO8B8zRy%2F2JnTYJjsFVioHVoQUOIgGQToFyRlcQP73MU1YfEkd4ynQGHum0xDuwq8x52RX7PK1hey%2BLWN%2Bv4fCKWXsG5l1k7A9A%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15449
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 14:46:53 GMT
server: cloudflare
etag: "618a89dd-3c59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd838fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 carro-alienado-600x313-1-285x211.jpg
portalonbr.com/wp-content/uploads/ 10 KB
10 KB 119ms
115ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/carro-alienado-600x313-1-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372b6777e7c30e4a897c116132758de9fe0507e6e6dc5a4819394718dc05d3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQtRqttUabY1LrFxfh8RLQ6lbKVnD2vMngynOwkJNYXHEkpST7Arc9PdPYQnjrXJs2HwEyrMjBpfQsq5pHgrwxGX9FIBA%2F57fefDhawVQsLDwUwHfRGrAXvGoHuK2ptfrsFOYH4nPSOvtHiVNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9867
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2021 16:56:25 GMT
server: cloudflare
etag: "5ff73d39-268b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd868fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-com-Garantia-2-285x211.jpg
portalonbr.com/wp-content/uploads/ 7 KB
8 KB 120ms
116ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-com-Garantia-2-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4118b00d07cb9de464d6fdc67cd24e68476e2e0f38553781b433f3097dfd0dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM9wuE4lRzjP4o5pErBjT4B5lGqoEGK%2FgXQq1iZSICR0pEkzwe2vVZA%2Biqtm37wExHgm68jQPWl5Wiebu2QcsZo063sSrnlz1oeAxY%2B3DyYYEojhVLB2z0kSD7hkJIYC%2FGNctX%2BnMI%2FFclYTzA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7266
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Dec 2021 13:53:11 GMT
server: cloudflare
etag: "61b35bc7-1c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd888fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Fiat-Palio-Weekend-Adventure-285x211.jpeg
portalonbr.com/wp-content/uploads/ 11 KB
12 KB 122ms
118ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Fiat-Palio-Weekend-Adventure-285x211.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84f1019583fa28c5cb66e2af7cb552ff6778d75ad1650bdb836cc472a04250c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tartVVVOzRH54vMKoDt%2FJribUiYC2Zaj8xbvpzaM2eF7ceL%2FU73USHfrRCnkpWcYxa3tJrS0E41qbAXWG4Wz7hTmGvATZQb7A3v0IVZbh75II%2BjQCve5sbEZnWW8grCKw8WPTYzEO3GvlJNrhg%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11247
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Mar 2021 19:54:35 GMT
server: cloudflare
etag: "605e3bfb-2bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd8d8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 financiamento-de-caminhao-285x211.jpg
portalonbr.com/wp-content/uploads/ 20 KB
21 KB 125ms
121ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/financiamento-de-caminhao-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f8aa2a7695aed57187c9a00e92b5c03d1076e0e41b63cbaef47f44fdc1fdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YydAzeKjXRhSfIOD1Vh3eh7kgoj67bw9NC0H9wSgJOCtUQm7LzmLPb7jcI8%2FW%2Bu6yHz6ZpsT%2BxLOaYSx92VI8JesqoBVFdNTk%2Ft0obf%2BGV96UfxRaLAqO5iEUooshvFqZ5Han2i%2B836ELQ7n3A%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20923
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Mar 2021 15:04:30 GMT
server: cloudflare
etag: "60463cfe-51bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd928fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Como-dar-baixa-no-MEI-600x420-1-285x211.jpg
portalonbr.com/wp-content/uploads/ 13 KB
14 KB 151ms
147ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Como-dar-baixa-no-MEI-600x420-1-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed76d8ba194399914d1d2f2a9a53045b4e5aee97b52d871e22fcd9e030d88390

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqQ%2FYeCo3c2krXz%2F8p%2B9ZadgMFMd71jGS1YABSBY5fAOzdMeXKZ0Dn1dnd2TrLBdIih9Pdsu26CcNDy4UYM8sOPBTamF0QuytgEuSeB5hWvoVE24%2BqVn4t2WfeROh9YRrWoto5U%2FTHOSZIozWw%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13502
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Apr 2021 18:21:36 GMT
server: cloudflare
etag: "608704b0-34be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd958fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cartao-bmg-8111-285x211.jpg
portalonbr.com/wp-content/uploads/ 9 KB
10 KB 195ms
191ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/cartao-bmg-8111-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca1d71b550b03f0e76de84dac6aa71b35c2a7e4b2e57fbe1f129db9116e6e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqpjKFEkAc3HJKxPSN3AdFDdNNRk4oYpDTvG1kb75Qbw7ZeAywSouf5cIN%2BtmT9MJyDTznxVxpXYmtHxcpOFrXIQJnFDYnZs3PcI4uO6QmqTv%2BRdAxZshi%2BxM%2B0n2bjhT5ik9sdnG7JJKrxOgw%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9212
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 Jan 2022 22:04:02 GMT
server: cloudflare
etag: "61f1c552-23fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd978fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-PagBank-285x211.png
portalonbr.com/wp-content/uploads/ 66 KB
67 KB 196ms
193ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-PagBank-285x211.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f126eaaa1bfeb4cc4f1d5414feb0d59feeb45302e4cbb418552d8d334892e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dd91lIrz4CDTPMIEz9ltzBGk58gXWFdDMVTo0xfIpU92gp9Lh8Lr2F9B7JGwdBhVFSqrgSnI7RbSVZPMhRCS8YkJM0jPN3R2iGGwIlID5IQ0FN37CRFrEXdPVbWpBsR4js9rtACV%2BtkhjeTUg%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67554
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Dec 2021 13:58:46 GMT
server: cloudflare
etag: "61b35d16-107e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd9a8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-Pessoal-Da-Marisa-285x211.jpg
portalonbr.com/wp-content/uploads/ 14 KB
15 KB 229ms
226ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-Pessoal-Da-Marisa-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ea39fde4dfdd3f7f7242447f45b871e49517d866dfd7e04303cc6741bbf018

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHt7%2BH6o6kwiGKgQl4OhYUBJreTZyi80TInLwhfqWQM0pSGL5ZXxtsc3FJDF2VGBVxbQK0TSwY0qAhPtkofKK4zgVNHWaUys3K3nUyz5tfUpdhSPbqeeABrwSDw4ZPpmkDhx0%2F3xFr7lElwjgw%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14787
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Aug 2021 02:57:41 GMT
server: cloudflare
etag: "61148e25-39c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd9c8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cartao-de-credito-nubank-285x211.jpg
portalonbr.com/wp-content/uploads/ 12 KB
13 KB 74ms
71ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/cartao-de-credito-nubank-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c86a741f1b9c363eb43137c12532fd642da9ea9a970efabd3db77c0258e4997

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOwUFvh5XjyHiJZqtOgGk2Qf7LdSf%2BVhJL8sEsxOes7HaJLuW%2FAn0GtibE6YoU%2BH7Sb05EF0YIE3A5hiNAGsBBJvkG6ALa4%2BnUYUAc3Q30sLFb7H7Bcxuxe0ujxw2gCGQJ2hbwVto6rPZnVX%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12722
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 May 2021 02:26:25 GMT
server: cloudflare
etag: "60a71a51-31b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cd9d8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Santander-285x211.jpg
portalonbr.com/wp-content/uploads/ 7 KB
8 KB 230ms
227ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Santander-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91157f542e7b838f3011f20f7dfc2218aa9a462a29329a80a6b504f6f3e6ca81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ofzs0xRfYTtPi%2FS6LtVE1fJTMOnzWeyMx0v3DbxRLtGNtKVpMVLXRWq31hgr%2BusMpHcNybKac5VDvYGK3n5sreUCGlvBkDs0RBwO95tPqGZ7fIkmF%2Fl1zWkkNSQ%2FQ8pr8fbX6Ry4IzO1w5NgzA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7018
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Mar 2021 16:17:27 GMT
server: cloudflare
etag: "60537d17-1b6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cda88fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Cartao-de-Credito-Magalu-1-285x211.jpg
portalonbr.com/wp-content/uploads/ 19 KB
20 KB 232ms
229ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Cartao-de-Credito-Magalu-1-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e07f327cf2ff6dd56f26925c91fa4e1e79e3b60a28f65572ebf60d8a4810e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4Zj3ZKMRsQQ0G63iI%2F0dzjKdJD1rcKsh%2FneYGM3dxeSkuX5uVxqhFyFrZxQ8wOfDkRM9MGAOJqRJ%2B2NtvYiOx1vG0tQCYJa0dMvPXwtewhNkGnLPf%2FBx3IVaCx9BtL4bP9mZulb0So7lemLEg%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19945
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Jun 2021 17:33:15 GMT
server: cloudflare
etag: "60b66f5b-4de9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdb68fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 FGTS-Consultar-e-Sacar-o-Saldo-285x211.jpg
portalonbr.com/wp-content/uploads/ 13 KB
13 KB 232ms
229ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/FGTS-Consultar-e-Sacar-o-Saldo-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae62c4f389a7aea9b199dee5b018bfcc28a52424808260533436f1a51831b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmdXyk4Axi2C7R33aL2l%2FTQfTjRVSGI5e5SjEJJXA8cD8CEYViCNh9JLirm8egl6kSeFh8N2qkFWFUqYD7CP%2B07e2nxQ7BaXhKfb%2Fz74FSxhtiNCxlKo%2BTu3iOGmzWy%2BiIEN%2BC%2Fs5u7xbtUkuA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13114
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Sep 2021 18:29:36 GMT
server: cloudflare
etag: "61326990-333a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdb78fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Novo-Valor-do-PisPasep-Confira-Como-Realizar-o-Saque-285x211.jpg
portalonbr.com/wp-content/uploads/ 11 KB
12 KB 235ms
233ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Novo-Valor-do-PisPasep-Confira-Como-Realizar-o-Saque-285x211.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ec1f7ae0fad2cd771ea84990356d5da81095792dd3414e424ea3e51efc3609

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTam0sCWwuEdc1KFXepahgo8TkRLYK0NcDZ4zuNRGgsLNWwhyh2LoZ0SNwC57LBhyBnGT7WzCK17XY8mzndIo8eUcDNssElItWNSS9o1%2BX6ODlV7n80nq4aWjoQViSIcKBjLbUBQnPEqDtw6Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Sep 2021 19:08:57 GMT
server: cloudflare
etag: "613272c9-2bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdb98fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 portal2.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 10 KB
10 KB 236ms
233ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/portal2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ff92a392f79b4d79b60045b99d6f795c7ab3a48053dd8ed549445925a45d71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwJesiRdMuPIL0P4DCj8bnxoNClHrqjalcSKH3%2F0sW61GXV1kHuevJuIjqMJDe6HoQC48%2F0U41gMXKH48QUhT8Rsl3FNKVXiAMoVJvwDL%2BtZLtDtu5qMvP42ZE4ylgK1eNMznQ%2FEtXUBQ5kIvA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9741
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-260d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdba8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 146ms
57ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 192ms
96ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193029831-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0fa03e44615c37d438870d2e610bc2543058f6740a98c6a96dc22de64b9f688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39785
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 18:35:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
65 KB 218ms
123ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKBSZCXZL7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f89d1aafdb83d94fc9c55f4765d658956fbe6122f1056887f072918cf828cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66847
x-xss-protection: 0
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H3 200 flickity.js Show response
portalonbr.com/wp-content/themes/Portalonbr/js/ 54 KB
15 KB 49ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/js/flickity.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c126bc13a8986f1a9ac0cfd1cd67280a5ae0eca52d4519fe702b7cf85c76a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4477
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qC%2FgFoxysKJH0QCB7WTh9vA534DUeNNQX2V6YTwQ9mfQIsqtoo48gnB2%2Bm5IBn5iOO7a5fR5QIA2i%2Ft9BmfdsIjPxT%2BgyV7BUlLNyCxLfLkTPhWC%2Fm1%2BGwx%2FftYQui7aZgwm4hHpGBVcbCKXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: W/"61fd46b8-d7cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad4861ad518fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 funcoes.js Show response
portalonbr.com/wp-content/themes/Portalonbr/js/ 926 B
1 KB 159ms
158ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/js/funcoes.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d393fee4858d73610ef9ac7d9b9788f75147371523b18dc66ed92e62e1cf4e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4477
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy8nnzCNe8ozM9E%2BXI%2FWPFIdJO3hjfU1vaWrdddb6colWm4w5gGmAoOakBHcPOrruOfbrIEoISJ1kaEUm3Mlzxhh20kaDFfDNd8WwlH8%2Bl099ZMH5RqJ9s0%2FMeTFK95gjYKogynPkrJvdC31bA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: W/"61fd46b8-39e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 71ad4861bd6d8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-embed.min.js Show response
portalonbr.com/wp-includes/js/ 1 KB
1 KB 160ms
156ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/wp-embed.min.js?ver=5.7.6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlTBbGnkP33sQ2eA5UEpxvnE3BYyfHLDExBkmuAr4xEg6TVcNfz%2BPJeug8Ny33teEEkZpdANZtXB42EKCxTcQ2hOESsZAienq8K5qNpfwia0aC28gczIOql%2BtSbXUQiPPSAmWywjllywchfMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 07:21:35 GMT
server: cloudflare
etag: W/"601ba07f-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad4861cd7b8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 145ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216178255-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ebba9bbe4f78ec6837cb11ee1b195c009ca07153ce15834c535eb3e54e81edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39770
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 18:35:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H3 200 wp-emoji-release.min.js Show response
portalonbr.com/wp-includes/js/ 14 KB
5 KB 236ms
234ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalonbr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlRQajKOUIKFOx2ZoOW17h%2BKfEZGqKi1Aydrq6LS9UP8ujJkmc0uu5%2B1UEuKW5UrTywzGk8hAjd3tudHXUuBDbhujJZU%2B0PPr2Zaf8D8YXCCxQUJBLUm90DeaXsDYfCTOLh34svPuUDwkzWoPA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 07:21:35 GMT
server: cloudflare
etag: W/"601ba07f-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000;
x-download-options: noopen
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 71ad4861cdbd8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 550 B
1 KB 235ms
234ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/search.png

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bff94fc53b0367730ae0231d3ac6897ca493f98652f95613d5a2ee94d71eadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3aPB80vGq1ApS1X469c5adSiS%2BOyRgiX3xOHKyMYS0sk7LZHq5Oy6YzgzJy87i999UHGwAvjSwBQ7U2U2y9JUJMYl1k%2BuqcL7hJU8m%2BG5QgCPsHGT06lnd0B0UVWuArrM0LbJJLMPsHO5UGnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 550
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdc18fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 topoSeparaMenu.png
portalonbr.com/wp-content/themes/Portalonbr/img/ 184 B
854 B 234ms
234ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/themes/Portalonbr/img/topoSeparaMenu.png

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a760bb7f2b48d3f293dcb65b77aa6404ca9c381bb581c0fe393282316fc336

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1k%2BHx2%2BKG0YUVj8QGUml6%2BGavXDSVbmp4vY17rkwGPQa7c3YTNTYyj1ntoOGL%2B4ca0P1FFysu2UzbzHrGPOpsyPMPv2NU9MBSXC7Yua1%2FFOHU7qMCvqr9KIBfIggnbHotpeOxdasewuigRgjg%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:31:04 GMT
server: cloudflare
etag: "61fd46b8-b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdc68fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 right.png
portalonbr.com/wp-content/uploads/ 1 KB
2 KB 234ms
234ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/right.png

Requested by

Host: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a981d1cf29a578baf94ef901db9a17e0f078f407d4133a806c465682ede97fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/wp-content/themes/Portalonbr/style.css?v=1655149065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPz16IB%2BdUiuUBIvc0RL9zbS11uW1v%2FnfPKzrG6VgHi4GZP%2F4ggeP21rV6TgRtsvr2qJSNdt2Y%2BlU2GpjSgEh%2FNDjoV53Lye9lLW%2FjjGbIRvf9twKdPE2gAlJzqT3CGt%2BK4MpMMRYwcb4leIyA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1301
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Mar 2021 02:53:13 GMT
server: cloudflare
etag: "6052c099-515"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861cdca8fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-Pessoal-Caixa-500x375.png
portalonbr.com/wp-content/uploads/ 62 KB
63 KB 213ms
213ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-Pessoal-Caixa-500x375.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803945a675e5068c6724332d47d9f62532a67d40c5ff11035f5deccf53603c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BqvGGeHx0FpL%2Fgug79JBBkRaOVAXUc32wJcoXW6TX9nB1GYe8Lm6UO53QXtD9PaodlAFtJ3ZYHICLwq6lRYXFsYS3y2Xl%2F3FKaT8TE8BpFpaC%2Bajiuj8%2BegJQQSU%2BvYghxO0K6CDoqaN4%2BFgA%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63318
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Nov 2021 22:18:22 GMT
server: cloudflare
etag: "61a6a32e-f756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861fe228fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Emprestimo-Pessoal-Caixa-500x292.jpg
portalonbr.com/wp-content/uploads/ 42 KB
43 KB 233ms
233ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portalonbr.com/wp-content/uploads/Emprestimo-Pessoal-Caixa-500x292.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c63da669c550659490786f461292ed423f165efe21c9a84ccd8c8655b11fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JorYmPpJ1DmIQEs%2Bgb7ZID%2BkDZ0nBXOwg6kutaG6pHJfLKMIM4wLoDjCuo1rl9x4SQ9MNuUlQr8of7iVPfmwJ62CEFoGiZ4XBNWJm%2FgHOxk89xC9hBW%2BqWKYG3JK73VS%2F5yi59cq7EtGHP9%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43515
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Nov 2021 22:18:36 GMT
server: cloudflare
etag: "61a6a33c-a9fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71ad4861fe278fe6-FRA
protected: by MS22051001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 367 KB
146 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148524
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:02:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:04:46 GMT

GET
H3 200 pubads_impl_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 113ms
37ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127852
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Jun 2023 16:35:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 217 B
150 B 121ms
46ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portalonbr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

093d81c5f1f889d11628f0d5b73a354d113cf6fc70c4d060d5e6c827835c4429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125
x-xss-protection: 0
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 128ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193029831-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216178255-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

267fdb7b51e0b6d482dd3cbcd6ff31bbe5bce3250e5d8a4222f43687846d6309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39781
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 18:35:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
65 KB 129ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKBSZCXZL7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216178255-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

603ba0f26448b3e51bb999a163c4a7bb7525ff73e396441f200f4a65e10e88b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66851
x-xss-protection: 0
expires: Mon, 13 Jun 2022 19:37:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193029831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4718
date: Mon, 13 Jun 2022 18:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Jun 2022 20:19:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 584ms
57ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SKBSZCXZL7&gtm=2oe680&_p=850517460&_z=ccd.tdB&cid=2113620571.1655149067&ul=en-us&sr=1600x1200&_s=1&sid=1655149066&sct=1&seg=0&dl=https%3A%2F%2Fportalonbr.com%2Femprestimos%2Femprestimo-pessoal%2Femprestimo-pessoal-caixa-confira-tudo-sobre%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DProposta%2Bde%2Bregulariza%25C3%25A7%25C3%25A3o%2521%26utm_campaign%3DEmpr%25C3%25A9stimo%2B20%2B-%2BAtividades%2BRecentes%2B-%2BPedroPortal&dt=Empr%C3%A9stimo%20Pessoal%20Caixa%20-%20Confira%20Tudo%20Sobre&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKBSZCXZL7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 19:37:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalonbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=850517460&t=pageview&_s=1&dl=https%3A%2F%2Fportalonbr.com%2Femprestimos%2Femprestimo-pessoal%2Femprestimo-pessoal-caixa-confira-tudo-sobre%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DProposta%2Bde%2Bregulariza%25C3%25A7%25C3%25A3o%2521%26utm_campaign%3DEmpr%25C3%25A9stimo%2B20%2B-%2BAtividades%2BRecentes%2B-%2BPedroPortal&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Pessoal%20Caixa%20-%20Confira%20Tudo%20Sobre&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=558670278&gjid=807861699&cid=2113620571.1655149067&tid=UA-193029831-1&_gid=1925147232.1655149067&_r=1&gtm=2ou680&z=258012195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalonbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 116ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=850517460&t=pageview&_s=1&dl=https%3A%2F%2Fportalonbr.com%2Femprestimos%2Femprestimo-pessoal%2Femprestimo-pessoal-caixa-confira-tudo-sobre%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DProposta%2Bde%2Bregulariza%25C3%25A7%25C3%25A3o%2521%26utm_campaign%3DEmpr%25C3%25A9stimo%2B20%2B-%2BAtividades%2BRecentes%2B-%2BPedroPortal&ul=en-us&de=UTF-8&dt=Empr%C3%A9stimo%20Pessoal%20Caixa%20-%20Confira%20Tudo%20Sobre&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1358356017&gjid=164915962&cid=2113620571.1655149067&tid=UA-216178255-1&_gid=1925147232.1655149067&_r=1&gtm=2ou680&z=837839868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 19:37:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalonbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 22379248166 Show response
fundingchoicesmessages.google.com/i/ 99 KB
35 KB 437ms
63ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22379248166?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e469a2dd64a0d58948bef8783d6975c40df25e45c8ad6c03db0408906690ce82

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8RYIXr7vcn9TJuuuAN6-0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-8RYIXr7vcn9TJuuuAN6-0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8RYIXr7vcn9TJuuuAN6-0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-8RYIXr7vcn9TJuuuAN6-0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXXX38yhJb6mvzH9frzAtpbnplEXhZYTHtjzVqrOm6dPme70Z_fBWDheaGl4p8wNQpo_MmjzKolf7btB4oegJA= Show response
fundingchoicesmessages.google.com/f/ 745 KB
96 KB 184ms
107ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXX38yhJb6mvzH9frzAtpbnplEXhZYTHtjzVqrOm6dPme70Z_fBWDheaGl4p8wNQpo_MmjzKolf7btB4oegJA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1MTQ5MDY3LDQ1NDAwMDAwMF0sIkYxNjg2NjM0LTJGOTEtNDg5Qi04NzY0LUI2NDY0Q0E2NjkwNiIsIkU2MjVDNkFCLTlBMzAtNEFDMS05MzVGLTU1MkZDRDRDMjM2QiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3BvcnRhbG9uYnIuY29tL2VtcHJlc3RpbW9zL2VtcHJlc3RpbW8tcGVzc29hbC9lbXByZXN0aW1vLXBlc3NvYWwtY2FpeGEtY29uZmlyYS10dWRvLXNvYnJlLyIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.__r9nXDIThY.es5.O/d=1/rs=AJlcJMwa463x64EQcb0u-2jd-dLMBhqjUA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8691284167978836375aa82dd7e52e229280a9c687162cfc72c63e740d748d1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F9BOqVjlCFgcSWNGT2o6tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-F9BOqVjlCFgcSWNGT2o6tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-F9BOqVjlCFgcSWNGT2o6tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-F9BOqVjlCFgcSWNGT2o6tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 60 KB
4 KB 139ms
53ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.8ylgyAAd3i0.es5.O/d=1/rs=AJlcJMyodNA6tS2MqMhKzd4H9miiZIsJLA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c560d5d48fcd65c32c6480479008859cd2ddfc49268486fd582085af1beac16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 19:37:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Jun 2022 19:37:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jun 2022 19:37:47 GMT

GET
H2 200 luSgtyaPt_6tYShmGEvhMcOWEM60NNxVFbZOmmmnfmZtfwG4PHg34BNvP_33cM-mIRcdZbHf0CU5W1S15s2bQfROTd74tGZ1Rf9fU-Ek9AOJYqPnTl1c=h60
lh3.googleusercontent.com/ 5 KB
6 KB 301ms
217ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/luSgtyaPt_6tYShmGEvhMcOWEM60NNxVFbZOmmmnfmZtfwG4PHg34BNvP_33cM-mIRcdZbHf0CU5W1S15s2bQfROTd74tGZ1Rf9fU-Ek9AOJYqPnTl1c=h60

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

398b827e66fb2b8cd22ea7f3c204c3351b63f35a2a8621f549b8c0456783b056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:37:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5346
x-xss-protection: 0
expires: Tue, 14 Jun 2022 19:37:48 GMT

POST
H3 204 AGSKWxWrla49Nl528QrEwrW9Tq7vy7T13HFP-WnGR0E14W9UtfV9pxemdO2TC3bVVrDVTg0MN-H1Y_eSVwQzFuiTJe4jAiAMCuNMxV_Z55-_z7BHcrQ5XO4q7iOZ9Id6xV8yTwTkFa8rlXQ4m5MQO9EiqcZjLjb0yv_QYPU6TAhpuTot7FCmd7x1JXnATCnn Show response
fundingchoicesmessages.google.com/el/ 0
28 B 126ms
49ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWrla49Nl528QrEwrW9Tq7vy7T13HFP-WnGR0E14W9UtfV9pxemdO2TC3bVVrDVTg0MN-H1Y_eSVwQzFuiTJe4jAiAMCuNMxV_Z55-_z7BHcrQ5XO4q7iOZ9Id6xV8yTwTkFa8rlXQ4m5MQO9EiqcZjLjb0yv_QYPU6TAhpuTot7FCmd7x1JXnATCnn?dmid=5409c9c26e3e736b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-X0nsU0BpUyI5pepTBqIjoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-X0nsU0BpUyI5pepTBqIjoA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Jun 2022 19:37:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://portalonbr.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-X0nsU0BpUyI5pepTBqIjoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-X0nsU0BpUyI5pepTBqIjoA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v129/ 124 KB
124 KB 185ms
102ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v129/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 20:01:17 GMT
x-content-type-options: nosniff
age: 516991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127244
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:27:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 20:01:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 117ms
38ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 79ms
49ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalonbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 26470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalonbr.com
URL: https://portalonbr.com/wp-content/themes/Portalonbr/css/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalonbr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hsb6qtqtt4bfd7j09ljvbi18lc
.portalonbr.com/	1970-01-20 21:17:01	Name: _ga_SKBSZCXZL7 Value: GS1.1.1655149066.1.0.1655149066.0
.portalonbr.com/	1970-01-20 21:17:01	Name: _ga Value: GA1.2.2113620571.1655149067
.portalonbr.com/	1970-01-20 03:47:15	Name: _gid Value: GA1.2.1925147232.1655149067
.portalonbr.com/	1970-01-20 03:45:49	Name: _gat_gtag_UA_193029831_1 Value: 1
.portalonbr.com/	1970-01-20 03:45:49	Name: _gat_gtag_UA_216178255_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://portalonbr.com/emprestimos/emprestimo-pessoal/emprestimo-pessoal-caixa-confira-tudo-sobre/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Proposta+de+regulariza%C3%A7%C3%A3o%21&utm_campaign=Empr%C3%A9stimo+20+-+Atividades+Recentes+-+PedroPortal Message: Refused to apply style from 'https://portalonbr.com/wp-content/themes/Portalonbr/css/bootstrap.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

criarcurricuads.lt.acemlna.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
portalonbr.com
region1.google-analytics.com
securepubads.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
portalonbr.com
172.217.23.98
2001:4860:4802:34::36
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:400e:80e::200a
2a06:98c1:3120::3
54.159.61.171
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
093d81c5f1f889d11628f0d5b73a354d113cf6fc70c4d060d5e6c827835c4429
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
1bff94fc53b0367730ae0231d3ac6897ca493f98652f95613d5a2ee94d71eadb
1e07f327cf2ff6dd56f26925c91fa4e1e79e3b60a28f65572ebf60d8a4810e00
1f126eaaa1bfeb4cc4f1d5414feb0d59feeb45302e4cbb418552d8d334892e3a
267fdb7b51e0b6d482dd3cbcd6ff31bbe5bce3250e5d8a4222f43687846d6309
29b2f442bdbbdc8a66468a6c9ad7f0a6bb522af2a19b3106bb83b1511e53a441
29ea39fde4dfdd3f7f7242447f45b871e49517d866dfd7e04303cc6741bbf018
2c86a741f1b9c363eb43137c12532fd642da9ea9a970efabd3db77c0258e4997
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
372b6777e7c30e4a897c116132758de9fe0507e6e6dc5a4819394718dc05d3f9
398b827e66fb2b8cd22ea7f3c204c3351b63f35a2a8621f549b8c0456783b056
4118b00d07cb9de464d6fdc67cd24e68476e2e0f38553781b433f3097dfd0dd8
43c63da669c550659490786f461292ed423f165efe21c9a84ccd8c8655b11fff
43ec1f7ae0fad2cd771ea84990356d5da81095792dd3414e424ea3e51efc3609
4ae62c4f389a7aea9b199dee5b018bfcc28a52424808260533436f1a51831b92
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f89d1aafdb83d94fc9c55f4765d658956fbe6122f1056887f072918cf828cc7
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
603ba0f26448b3e51bb999a163c4a7bb7525ff73e396441f200f4a65e10e88b0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c560d5d48fcd65c32c6480479008859cd2ddfc49268486fd582085af1beac16
7ff92a392f79b4d79b60045b99d6f795c7ab3a48053dd8ed549445925a45d71a
803945a675e5068c6724332d47d9f62532a67d40c5ff11035f5deccf53603c0e
8394aa5eede6f370ec3bba3c4a6bfd79de735ed21efbd33cbb1fec8f9dc89708
8691284167978836375aa82dd7e52e229280a9c687162cfc72c63e740d748d1b
8c126bc13a8986f1a9ac0cfd1cd67280a5ae0eca52d4519fe702b7cf85c76a43
8ca1d71b550b03f0e76de84dac6aa71b35c2a7e4b2e57fbe1f129db9116e6e57
91157f542e7b838f3011f20f7dfc2218aa9a462a29329a80a6b504f6f3e6ca81
9174f15d5bc1218fed68d9a489dd724db7a750e5ef800785631bbb45c1b1be3b
96eaa1828b339d5a83dd2d1f8153d3d02ebeabdf1112ee7e07018c773aaaabe7
9a6ca5e7abeae43d0e5f8f16875a6981ffd187218bf3a5c265b1d222b0437b0e
9ebba9bbe4f78ec6837cb11ee1b195c009ca07153ce15834c535eb3e54e81edc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a981d1cf29a578baf94ef901db9a17e0f078f407d4133a806c465682ede97fc9
adebd190254b82d034e05a5fde9dc2088bf7388a15cd9a0e31c79ac143202810
b1f8aa2a7695aed57187c9a00e92b5c03d1076e0e41b63cbaef47f44fdc1fdb1
b9a760bb7f2b48d3f293dcb65b77aa6404ca9c381bb581c0fe393282316fc336
d0fa03e44615c37d438870d2e610bc2543058f6740a98c6a96dc22de64b9f688
d393fee4858d73610ef9ac7d9b9788f75147371523b18dc66ed92e62e1cf4e5b
d84f1019583fa28c5cb66e2af7cb552ff6778d75ad1650bdb836cc472a04250c
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e469a2dd64a0d58948bef8783d6975c40df25e45c8ad6c03db0408906690ce82
ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea
ed76d8ba194399914d1d2f2a9a53045b4e5aee97b52d871e22fcd9e030d88390
f1839fda0fa7d836ab229867ba5f9e7e49ba1a421abd53fd9db0c8bcc46fe7bd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

portalonbr.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

83 %IPv6

9 Domains

12 Subdomains

12 IPs

3 Countries

1449 kBTransfer

3418 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalonbr.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1449 kB
Transfer

3418 kB
Size

6
Cookies

55 HTTP transactions
0 data transactions