portalnovonorte.com.br Open in urlscan Pro
2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portalnovonorte.com.br/
Effective URL:
https://portalnovonorte.com.br/
Submission: On November 23 via api (November 23rd 2023, 3:45:54 pm UTC) from US — Scanned from GB

Summary HTTP 210 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 32 domains to perform 210 HTTP transactions. The main IP is 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is portalnovonorte.com.br.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.

This is the only time portalnovonorte.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	2a02:4780:24:... 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4 29	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 10	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4009:16::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:17::9	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 16	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
210	27

27 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 (Meppel, Netherlands) 2 redirects

ASN47583 (AS-HOSTINGER, CY)

portalnovonorte.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:16::7 (London, United Kingdom) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-aigzrnss.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:17::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hne6n6e.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	785 KB
39	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	259 KB
34	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	1 MB
27	portalnovonorte.com.br 2 redirects portalnovonorte.com.br	516 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	38 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	40 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	382 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 599	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	448 B
3	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3518 r2---sn-aigzrnss.gvt1.com — Cisco Umbrella Rank: 617855 r4---sn-5hne6n6e.gvt1.com	2 MB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 25910 ui.cleverwebserver.com — Cisco Umbrella Rank: 26783 call.cleverwebserver.com — Cisco Umbrella Rank: 27405	47 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4223 onesignal.com — Cisco Umbrella Rank: 1433	73 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	455 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 728	927 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	655 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	1020 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	209 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 454 dis.criteo.com — Cisco Umbrella Rank: 597	651 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136	223 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	717 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	719 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	389 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	84 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	lnmimg.com Failed str1.lnmimg.com Failed
0	srv2lenium.com.br Failed www.srv2lenium.com.br Failed
210	32

	Domain	Requested by
41	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com portalnovonorte.com.br pagead2.googlesyndication.com
27	portalnovonorte.com.br	2 redirects portalnovonorte.com.br ajax.googleapis.com
23	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
21	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	portalnovonorte.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
11	fonts.gstatic.com	fonts.googleapis.com www.google.com
10	www.google.com	2 redirects ajax.googleapis.com www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.googleadservices.com	googleads.g.doubleclick.net portalnovonorte.com.br
8	fonts.googleapis.com	portalnovonorte.com.br googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	d5p.de17a.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	cdn.taboola.com	portalnovonorte.com.br cdn.taboola.com
2	connect.facebook.net	portalnovonorte.com.br connect.facebook.net
2	cdn.onesignal.com	portalnovonorte.com.br cdn.onesignal.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	onetag-sys.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r4---sn-5hne6n6e.gvt1.com	googleads.g.doubleclick.net
1	r2---sn-aigzrnss.gvt1.com	1 redirects
1	redirector.gvt1.com	1 redirects
1	call.cleverwebserver.com	portalnovonorte.com.br
1	gum.criteo.com	cdn.taboola.com
1	onesignal.com	cdn.onesignal.com
1	ui.cleverwebserver.com	portalnovonorte.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	scripts.cleverwebserver.com	portalnovonorte.com.br
1	www.googletagmanager.com	portalnovonorte.com.br
1	ajax.googleapis.com	portalnovonorte.com.br
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	str1.lnmimg.com Failed	portalnovonorte.com.br
0	www.srv2lenium.com.br Failed	portalnovonorte.com.br
210	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.instagram.com
api.whatsapp.com
www.al.to.leg.br

Subject Issuer	Validity	Valid
portalnovonorte.com.br R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 33 frames:

Primary Page: https://portalnovonorte.com.br/
Frame ID: 753E54008CBFDAA4671514CA2B024186
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 4D85F7A4B87F5695027E582551224FC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&adk=1812271804&adf=3025194257&lmt=1700754346&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345720&bpp=7&bdt=1221&idt=346&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=812354201708&frm=20&pv=2&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=395
Frame ID: 57665556549A0D5FF2059D44691349BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=90&slotname=2817550709&adk=621363279&adf=2168434028&pi=t.ma~as.2817550709&w=970&lmt=1700754346&format=970x90&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345727&bpp=2&bdt=1228&idt=395&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=403
Frame ID: 926AD8A627D2611E66D3C982C6BEFB53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=90&slotname=6178404730&adk=1501959591&adf=246414136&pi=t.ma~as.6178404730&w=728&lmt=1700754346&format=728x90&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345729&bpp=1&bdt=1230&idt=407&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=414
Frame ID: B5445B69FDC7A717515564699442F21F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=6861270322&adk=1690502907&adf=3515562525&pi=t.ma~as.6861270322&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345730&bpp=1&bdt=1231&idt=416&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=1654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=425
Frame ID: 102D535D34074B6BE6016D02466E6B31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=9921374470&adk=850486544&adf=453346265&pi=t.ma~as.9921374470&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345731&bpp=1&bdt=1232&idt=428&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=2441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=434
Frame ID: 6385F1E3006EB621E323E10FCC71717C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=3662910279&adk=1297973281&adf=891839204&pi=t.ma~as.3662910279&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345731&bpp=1&bdt=1232&idt=439&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=447
Frame ID: C0A0663913F44E29A09E1DCE1D6988AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=8608292800&adk=4181925763&adf=4201705311&pi=t.ma~as.8608292800&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345732&bpp=1&bdt=1233&idt=448&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=456
Frame ID: 8266F485335201B60BF62432DBE04DCE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r&co=aHR0cHM6Ly9wb3J0YWxub3Zvbm9ydGUuY29tLmJyOjQ0Mw..&hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ykvd1rfbmu8z
Frame ID: 9F82A9A8FEE26E8BFF7D29C792915EBB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6
Frame ID: 5C75ED3051D180FE144B69F9E1731FAD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
Frame ID: E0BCDCEE53EF61DD6A809D9A3D4B9F64
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16
Frame ID: 2B17A7A8EDA34E7278D7F727F1025B91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2692ADFE9133F58172BF905A64FBA2D5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 11CED2B14FBED25620F346BEAC0FF550
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1D88480F427301BA031E86065C7223A2
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7F6DD4707353D205EA622EC008BDCD1B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E501314EE8008D7EE154AFC8B0B3B130
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8ECBCF184AF3E286CE0366844CA2659A
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: F9DA9639413875DF672887747082B94C
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r
Frame ID: 50839569AC51BD2047ED0C09F85FEEF5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81BFDFDD415E58C4B7D6771AF7B164E2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 4DB0B4E633175CEFCC83422959F33E5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 7C9ADF0A5D11491F4BF6D8CFB314EBB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
Frame ID: C271A87138AF3DDBE743DE603F4D5DA8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F16669E10FF2147DFC23572BA4BEBBB2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 564AAA96FFB50AFA31A1278E221F443F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 60E185B36B898BF5A2DDE7074860A21A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 942792F91DC123EFFE77CFD2A0EBF5E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 0A8D049A16CC1288EAF61AED39C29EC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 0CD938FC273CE6720A6152B77755E709
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D6E857BEE1C73FBF238A1A5ED97B8CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58B09DFE0D9D2192C5B9ADE334E9F8D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal Novo Norte - Saiba tudo, saiba primeiro

Page URL History Show full URLs

http://portalnovonorte.com.br/ HTTP 301
https://portalnovonorte.com.br/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

210
Requests

89 %
HTTPS

64 %
IPv6

32
Domains

44
Subdomains

27
IPs

9
Countries

5114 kB
Transfer

11083 kB
Size

25
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portalnovonorte

Search URL Search Domain Scan URL

URL: https://www.twitter.com/portalnovonorte

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalnovonorte

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5563981212858&text=Ol%C3%A1!
Title: 63 98121-2858

Search URL Search Domain Scan URL

URL: https://www.al.to.leg.br/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portalnovonorte.com.br/ HTTP 301
https://portalnovonorte.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://portalnovonorte.com.br/tema/v8/fonts/classificados/icons.css?v=264005e5 HTTP 302
https://portalnovonorte.com.br/erro-404/?origem=/tema/v8/fonts/classificados/icons.css?v=264005e5

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://googleads.g.doubleclick.net/pagead/adview?ai=CItZtq3NfZbPFDJ2x9u8PwdCjqAOp09-vdOOmuJmGEpS_tauuARABIPGsg3dgu4aAgNAKoAHg8oC_AcgBCagDAcgDSKoEkAJP0OCot3ST7MwalLk3PKBW_NGU5TOTtJRQYP6hnWze_zgzrBIO7ri4gm0M3w7Gq9vqGDajlrTzVPXuAsrI-NM_6xgTg0IIMbNO5LbvahJNPuEcp6IYXu6Ec5nlqCb8OlW-uZTUX3aSiYN6qKND1Lym3fcD8YShV1zJsiRi-8BcVGR6d-HeU1ESCsgih-I7k9xQjeXNHT7EJGFMnjHrP9lM3dQjTx_l3pi5Lc3upP16IRWDCsp55UaDVvCmR5w3O8KYNKy_g-jzraLsnstpW1Sc0MaTWlDs6nwoxYaIcegjGLqCOGJbUp9JGBGd20eVMnQXoz78HywihsVHCCLlrQTS8tmWWZRllw6Rgt5rCzu-eMAEg4axpsAEiAXNw9XyTJIFBAgEGAGSBQQIBRgEoAYugAfe_oP4A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELXaBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCcMDaHR0cHM6Ly9saXZlYmVhbS5jb20vbGFuZC9zcC8wMmE4YTRlMT9wYXJ0bmVyPWFkd19sYl91YSZjYW1wYWlnbmlkPTIwNjQxNTcxMjc3JmdjbGlkPXtnY2xpZH0mYWRncm91cGlkPTE1NDY5OTMxODAxOSZ0YXJnZXRpZD0mbmV0d29yaz1kJmRldmljZT1jJmRldmljZW1vZGVsPSZsb2NfaW50X3BoPV85MDQ2NjE3Jm1hdGNodHlwZT0mdGFyZ2V0PSZrZXl3b3JkPSZjcmVhdGl2ZT02NzY4MzMzODQ2OTcmcGxhY2VtZW50PXBvcnRhbG5vdm9ub3J0ZS5jb20uYnImY2FtcGFpZ249QVdfTGl2ZWJlYW1fV29ybGR3aWRlX0FsbF9HRE5fUHVyY2hhc2UtYWxsLW9mZi1iaW5hcnktZXZlcnlfTmV3VV9EZWZhdWx0LUhJXzExT2N0Jmdyb3VwPWluLW1hcmtldF9SZWFsX0VzdGF0ZSZiYW5uZXJfdHlwZT0xX0dETl8zMDB4MjUwX3YyJnN1Yl9uZXR3b3JrX2lkPUdETiZ1dG1fbWVkaXVtPSZ1dG1fc291cmNlPYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi04Nzg3NjQ0NjM5NTA5Nzc2GAA&sigh=elgzi6mk-6Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNvxCnF0GbppaDCsk-j7ApebH253X454cmNxx81k5sw2jrgKbco0Zpicb8a3K9UqjHnjNwD9brlRgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215413639141132339477%22,%22debug_reporting%22:true,%22destination%22:%22https://livebeam.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22400570720%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227618693367088084193%22}&andc=true

Request Chain 158

https://redirector.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=5694CA6760D0ABB2BFE3448817F790F4DD742271.64492FF30BD5C102F1EA9743E2427A42E0FE329C&key=ck2 HTTP 302
https://r2---sn-aigzrnss.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=42B2512A7D0E3106E5CC76B47B819D1CA82FC217.1878F496CC90244BEE097F0F2EA8D5CA5DFD43F3&key=cms1&cms_redirect=yes&mh=4g&mip=2001:ac8:21:e::8&mm=28&mn=sn-aigzrnss&ms=nvh&mt=1700752293&mv=u&mvi=2&pl=48 HTTP 302
https://r4---sn-5hne6n6e.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=711C4695339ED6C213A77CC8C81B95BFA02B2498.36187C11F4CEC16DDD0574B7F31782309166288D&key=cms1&mh=4g&pl=48&redirect_counter=1&cm2rm=sn-aige6l7l&req_id=356e7b24238d36e2&cms_redirect=yes&mip=2001:ac8:21:e::8&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1700754052&mv=m&mvi=4

Request Chain 163

https://googleads.g.doubleclick.net/pagead/adview?ai=CIghCqnNfZaaXCtGA9u8PwfW28AKM3YbLbvnJvcKrEMCNtwEQASDxrIN3YLuGgIDQCqABjezk2QLIAQGpAk9d9X9sfKg-qAMByAPLBKoEiAJP0N0dsnVo3RiEb9QXDR5gEKr8Npt2AsYYE3Zou-9bF5GzMnSYY6iMZFIpf9zUi6fj3MKcDGstCUrkLt7aKACpQ8bWKxLGkgYL4ggwbOwSGUnS8ew_Egz4cd-7NNtBncEwjIP82RsuuOmRYg4fdo9i74s12B6RP2DfBDHSCrpqXoPSbWpraMEPw-pKUBR67g8rVaj77MlveP8qnUrbgkLpKYH4oH1lWfJL5mnzyoVw9WpHcmRHKlHvTBF9ccoLHHSJDItMzJDazG-oU1b50w448asVBQ_FS9kchLclGv_GjdEXjtdet1CGcB2vq99Uipm0vvssR1KpNUZO85N2KlGqtk4pjN5yvXXABL7i4d2KBIgFpYHH6i-SBQQIBBgBkgUECAUYBIAH25ObpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDUyQbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglmaHR0cHM6Ly93d3cucGNoZWxwc29mdC5jb20vc3RhdGljL2xwL2RyaXZlci11cGRhdGVyL3B0L0xQMTkucGhwP2NhbXBhaWduaWQ9QURXT1JEUyZmaWx0ZXI9MTQwMzE5OTQ1MDIygAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04Nzg3NjQ0NjM5NTA5Nzc2GAA&sigh=pQekhDaIOzc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNMLkhC6ri8tdXCAb0teFs9-O1lKNZRjiS612jCSOZkYM55Tg08Rb3rzcqVps4HgDn_4CpxCZ-PdSjA1is_sB5qKrdAbNmNE9CMesYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213686888696900460967%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226091966200934158529%22}&andc=true

Request Chain 167

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELFtX8gyxa5yYX7EqVc0U-c&google_cver=1&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8VJAVytIvHWl2cs38rWssj9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8VJAVytIvHWl2cs38rWssj9&google_hm=Y_gCFPuxRtm_vT2FwPW1SG0

Request Chain 168

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMdI3xiDgip2PamsCarR3lA&google_cver=1&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLidwoiYI8_a7Jbqq3fyd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDY4NDMwMzIxNjgwMTk1Mg%3D%3D&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLidwoiYI8_a7Jbqq3fyd

Request Chain 169

https://d5p.de17a.com/cookies/google?google_gid=CAESECvRFordY3JW5FGyEAOltEo&google_cver=1&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvRFordY3JW5FGyEAOltEo&google_cver=1&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH

Request Chain 170

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOpKXDzvCl3GGMmL7tIOnpg&google_cver=1&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqPv5b-9AUtAg1-Xmd-OhaN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqPv5b-9AUtAg1-Xmd-OhaN

Request Chain 172

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED0Pav8J_9NVZn3X7K-XpzI&google_cver=1&google_push=AXcoOmQOmYTHzAwkcZlmpwoYOXNzReBFzDZysFXcldkfpyhcYWMTsk7V7AicU0MzhZCXn_cm-bRnpkOLC6suu7cI716XZMtVz1ef4Rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxNTgyMTY4MDg4ODA4NTc5MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1

Request Chain 174

https://um.simpli.fi/gp_match?google_gid=CAESELuBXQSIlxRpABSlpnoy-98&google_cver=1&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1iG65iZeUOUlCtTPSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3CC465550B64B2ABCD8295B6468803E&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1iG65iZeUOUlCtTPSA

Request Chain 176

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECeEPARgfoEcxwClAKnZjac&google_cver=1&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1PYAwILbeDogSGld0C_hleR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1PYAwILbeDogSGld0C_hleR&google_hm=i1LV25EpSreY5t91mMhU_m0

Request Chain 177

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENf6y75g61WX_gSzxZz8JhA&google_cver=1&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo6EWPgphp7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo6EWPgphp7&google_hm=eS1lMlp1WExkRTJwSFRBbUxXYTA5XzROeHNobUphSVUwc35B

Request Chain 186

https://googleads.g.doubleclick.net/pagead/adview?ai=CAB1Uq3NfZZ6cDJK99u8P48qS8AvH462kdOfv--7PEGQQASDxrIN3YLuGgIDQCqAB1OufmgPIAQmoAwHIA8sEqgSTAk_QaV16ux2NNlOlExYCrOops7VPKdThTpvniDSHSQQ6nl9QaQ33JxVe7vlhnuFNKTy0GLh58aiYZngPaDRS6pOUasH7_djiggGPJWNpUCnz3xReR0D0gUdd1wgeZkw79BxAytsHZBlSClVYiUQbzNcgC9OasRU1OBR1rvuMOKh5NAtBUK_fo33cKU7wBJBVBpVFeJb-pwa2BFCGmamPNTEXWaO_4DO0gnAQTaBGVT9BI1V7BNzW8qsv5f3aNNEEtiyx8gNUL6oqGXkhJgvEPw7u0ZrKB1g7mcE96zTyAPphvAAYloTS68rgCUMTcVeRgSIC9drLDqdVI_zll9UR4bXcN9qi3kcF-FEFKHYjX23mZO98wAScx6ahlASIBe3Qw-FFkgUECAQYAZIFBAgFGASgBi6AB5SU4GWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCyiATSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKuA3NW72oIDmgkzaHR0cDovL3ktamVzdXMub3JnL3BvcnR1Z3Vlc2UvbHAvamVzdXMtZS1kZXVzLWRwLWEvgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECuBOcG9gTDIgUCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Nzg3NjQ0NjM5NTA5Nzc2GAA&sigh=tWkctZKfMyY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNuHO_2JE361rDfGpujWk7-umzaQoN_d4yz2ETJjDPkJSzmdiV08-AmlB7R1ux8Ho8GX4F9w_AWBgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400843904983210362%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860354004%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227239676544256181041%22}&andc=true

Request Chain 187

https://googleads.g.doubleclick.net/pagead/adview?ai=C192vq3NfZer1C_rY7_UP__WbsA3H462kdLjg9NOAEWQQASDxrIN3YLuGgIDQCqAB1OufmgPIAQmoAwHIA8uEgIAEqgSXAk_Qs3w_-zvcDIWF2NiFv5X6rg3_CqyjXoP7EockOYfleMZiBXqv1mykXFMp2wHxkWbfZ7hXKAxu7ii_XKD2REpZHkEo1lMiBfwkdJejH9kZeiPpJP7KMjnMtaSk5qlXifsu5jvR8DTJFulZ6AOp7AU2TZQvvMB1IyDEyXLixfZ3syzBGQSbN9bYgMZFjjZwkfxkBQxdajKJEG1PEA9hUAzOowWCqWoTAPhVXKkgpLz4-wa3MefPr6rRBWPSRWKcsN32HrcMJuoNECz3DUXR_oqpL6FFDpGkycNBBYKeI7aFgv4_a0lyqYJE9E9fp-EMM9kbURbSyB-CHwLIOAmsMYGj13Ct1futI__hsD2GD9IYjvp2hP1EfsAEvp_wmooEiAXt0MPhRZIFBAgEGAGSBQQIBRgEoAYugAeUlOBlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ-PgD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJM2h0dHA6Ly95LWplc3VzLm9yZy9wb3J0dWd1ZXNlL2xwL2plc3VzLWUtZGV1cy1kcC1hL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxArgT5APYEwyIFB_QFQGYFgGAFwGyFxwKGggAEhRwdWItODc4NzY0NDYzOTUwOTc3NhgA&sigh=dOA-NoOkc6c&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNZ3c1yqIstoOHAEohv5boc9zhL7Lx7ncOu9o9wKmcNT4HgAPesnq_ivSfSqHPKEBVfmPs_uf00RgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225768909965804929673%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860354004%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224179227345256420097%22}&andc=true

Request Chain 189

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFOKoi3Z4uk3hMXl1-M6ovA&google_cver=1&google_push=AXcoOmRuWTegrfXlM9FGthLiOlwDpSBZKgTRyztZvtcywXyv9xffLX5iM3SYAD1B4WqDZJJWG3Sn1LZniTBPXrwoMlEWBjNsdbW0wPEj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxNTgyMTY4MDg4ODA4NTc5MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1

Request Chain 191

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQaCYi2gvXlf8tjcHDELYHQ_2YhiWg_Ro-uRnkiHM38ulwomJiGajNzLVik-9YRG2Qlf_XVPWfBDMAaIKngMQbwXoymX3H0yJ0H&google_gid=CAESEK4FfUQLo_x4ORiwLSqkMcQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK3n_aoGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BWGNvT21RYUNZaTJndlhsZjh0amNIREVMWUhRXzJZaGlXZ19Sby11Um5raUhNMzh1bHdvbUppR2FqTnpMVmlrLTlZUkcyUWxmX1hWUFdmQkRNQWFJS25nTVFid1hveW1YM0gweUowSA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOHNiVFR4SWpSd3JqcjRFSFJLUWxnejFlQjYzdEdfX0x0bDVsWXlJZDZ2QQ==&google_push

Request Chain 192

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0EXD-SBjGI6ExK_q-CVaKIEM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0EXD-SBjGI6ExK_q-CVaKIEM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTk4NjM4MjUxNzgyODQ1NA&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0EXD-SBjGI6ExK_q-CVaKIEM

Request Chain 193

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64el0CDd8HNMAkYzYRHTrWuora HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64el0CDd8HNMAkYzYRHTrWuora HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2OTYyODU4MjY1MjEyMzE0MA&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64el0CDd8HNMAkYzYRHTrWuora

Request Chain 195

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL2J5STkM6rwB71eWNsXh8Y&google_cver=1&google_push=AXcoOmQ_Qjh9iWrA5_c3HBLGU0D9oIacU0pRHBi3jnal6itIoPRsldO-cF-7xK0ZgOnZuh5N8dqSGdvTR8ftl6Jb8je4pTjyeUTB-OE1zg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_Qjh9iWrA5_c3HBLGU0D9oIacU0pRHBi3jnal6itIoPRsldO-cF-7xK0ZgOnZuh5N8dqSGdvTR8ftl6Jb8je4pTjyeUTB-OE1zg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

210 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalnovonorte.com.br/
Redirect Chain

http://portalnovonorte.com.br/
https://portalnovonorte.com.br/

61 KB
17 KB

555ms
353ms

Document
text/html

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.1.33

Resource Hash

ba990d210a46a284b844dbdb766a992c13f56175f852565988930053d696600f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 17296
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:45:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: b9c771743b8fa44e98c58ec7ba2ead7c-srv-edge2
x-hcdn-upstream-rt: 0.300
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

Redirect headers

Age: 6973
Connection: keep-alive
Content-Length: 707
Content-Type: text/html
Date: Thu, 23 Nov 2023 15:45:43 GMT
Server: hcdn
content-security-policy: upgrade-insecure-requests
location: https://portalnovonorte.com.br/
platform: hostinger
x-hcdn-cache-status: HIT
x-hcdn-request-id: 026b27b3fd0f14455aa80f67a7cecc5f-srv-edge2
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 305ms
42ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 17:19:44 GMT

GET
H2

200

/
portalnovonorte.com.br/erro-404/
Redirect Chain

https://portalnovonorte.com.br/tema/v8/fonts/classificados/icons.css?v=264005e5
https://portalnovonorte.com.br/erro-404/?origem=/tema/v8/fonts/classificados/icons.css?v=264005e5

3 KB
1 KB

413ms
412ms

Stylesheet
text/html

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/erro-404/?origem=/tema/v8/fonts/classificados/icons.css?v=264005e5

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.1.33

Resource Hash

9cd6213166c6e85ddaee06a24e846630d1483af28f90cd39e5d9a8cc18e9d2e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
x-hcdn-cache-status: DYNAMIC
content-security-policy: upgrade-insecure-requests
server: hcdn
x-powered-by: PHP/7.1.33
x-hcdn-request-id: f9a4c00fcddd6b1e0cd7cb632caf42fb-srv-edge2
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.306
accept-ranges: bytes
platform: hostinger
content-length: 1262

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:44 GMT
content-security-policy: upgrade-insecure-requests
x-hcdn-cache-status: EXPIRED
server: hcdn
x-powered-by: PHP/7.1.33
x-hcdn-request-id: 64e5e1d8854befbccde32d926e94033e-srv-edge2
content-type: text/html; charset=UTF-8
location: https://portalnovonorte.com.br/erro-404/?origem=/tema/v8/fonts/classificados/icons.css?v=264005e5
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.308
platform: hostinger
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 site.min.js Show response
portalnovonorte.com.br/tema/v8/js/ 15 KB
3 KB 68ms
61ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/js/site.min.js?v=52e3c34f

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

27d3bf8eaf3862db769d5d659313b50ec37d802a907d1c99e8c6ebac2dd8d2b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 1493357
content-length: 3138
x-hcdn-cache-status: HIT
last-modified: Thu, 02 Nov 2023 17:35:14 GMT
server: hcdn
etag: "3be3-6543ddd2-ffc5a19c7fa12268;br"
x-hcdn-request-id: 0ea98c011dde5d21c8fc13aac8e29175-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 13 Nov 2023 08:56:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 318ms
55ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a85b539ce45276530dfde14eb3cc17ee9c47296e10925372ec6686ac73532fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 15:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:44 GMT

GET
H2 200 estilo.min.css
portalnovonorte.com.br/tema/v8/estilo/ 167 KB
19 KB 65ms
59ms Stylesheet
text/css 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/estilo/estilo.min.css?v=8ab69089

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

62104e0fc50702d04f6753b624b5b1568b8a000f28f4edd1b22565c40ad446a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175978
content-length: 19390
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "29b93-6519be81-3cb7ad44404c38c4;br"
x-hcdn-request-id: ec419fa5ba981ef7db67ca1db89bb6a6-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:26 GMT

GET
H2 200 fonts.css
portalnovonorte.com.br/tema/v8/fonts/ 5 KB
899 B 66ms
60ms Stylesheet
text/css 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/fonts/fonts.css?v=8ab69089

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c55975a0bbffdf56902ecc632326120309590360f83567ebdc5dddaab13c946a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175977
content-length: 772
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "1210-6519be81-f5c701fda1f68d09;br"
x-hcdn-request-id: c56817b35287a29149f0f61bbe994a76-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:27 GMT

GET
H2 200 enquetes.min.css
portalnovonorte.com.br/tema/v8/estilo/ 5 KB
1 KB 66ms
60ms Stylesheet
text/css 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/estilo/enquetes.min.css?v=8ab69089

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

3310d875cd46eb110231429849612ed8584c4e5801a39040cd50765082e76c63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175979
content-length: 1122
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "1262-6519be81-d45d497ec5a178e2;br"
x-hcdn-request-id: 6647bafac360635b69ef5265fd17ebff-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:25 GMT

GET
H2 200 enquetes.min.js Show response
portalnovonorte.com.br/tema/v8/js/ 4 KB
1 KB 67ms
62ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/js/enquetes.min.js?v=a7eab853

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c190d1bb7c06a1933dcc6f0a2043233ecbc2d2ce35d89d89dd7c3bf08c9f7831

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175976
content-length: 1100
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "f96-6519be81-aee4f5a2cae93365;br"
x-hcdn-request-id: 4fc4804f2bd1386a98a82ebc865bb4e6-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 319ms
58ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CYK3GQXNDV

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42c191fd3064e8b3e8d73991754c25826737c23ca784e889d71041d2278fd0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 15:45:45 GMT

GET
H2 200 politica-privacidade.min.css
portalnovonorte.com.br/plugins/politica_privacidade/css/ 4 KB
1 KB 65ms
60ms Stylesheet
text/css 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/plugins/politica_privacidade/css/politica-privacidade.min.css

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 1493356
content-length: 1021
x-hcdn-cache-status: HIT
last-modified: Thu, 02 Mar 2023 13:15:06 GMT
server: hcdn
etag: "f62-6400a15a-81269a8924008dbe;br"
x-hcdn-request-id: bdfb3a846f54f2d5262471f4b1dcbe48-srv-edge2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 13 Nov 2023 08:56:28 GMT

GET
H2 200 politica-privacidade.min.js Show response
portalnovonorte.com.br/plugins/politica_privacidade/js/ 19 KB
6 KB 67ms
62ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/plugins/politica_privacidade/js/politica-privacidade.min.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 1493356
content-length: 6169
x-hcdn-cache-status: HIT
last-modified: Thu, 02 Mar 2023 13:15:06 GMT
server: hcdn
etag: "4d5a-6400a15a-376b2e3b663026df;br"
x-hcdn-request-id: 0f1cfafe820f012e165c5e971d118b0e-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 13 Nov 2023 08:56:28 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 126ms
44ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1886
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82aa8a82ab967199-LHR
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 15:45:45 GMT

GET
H2 200 taboola.js Show response
portalnovonorte.com.br/plugins/d1_taboola/js/ 486 B
347 B 66ms
62ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/plugins/d1_taboola/js/taboola.js?v=2

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bedcdcbf2eeafd567f8da8d8ac3e5b41c663957db35b7f1a1f031ad3aa73337b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 1493356
content-length: 227
x-hcdn-cache-status: HIT
last-modified: Wed, 28 Jul 2021 18:29:01 GMT
server: hcdn
etag: "1e6-6101a1ed-53f57ec348db2bb0;br"
x-hcdn-request-id: 4eca48cbdd4b20d2d4a6aeed0a6688d2-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 13 Nov 2023 08:56:28 GMT

GET
H2 200 c906b416c5411b346f3b6dadc18f2f78.png
portalnovonorte.com.br/img/ 8 KB
8 KB 66ms
63ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/img/c906b416c5411b346f3b6dadc18f2f78.png
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 08e3e8b5ddfd50fcd50016d714064d58e504f224c1c16296fbf49a531ca9e1fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 18198
x-hcdn-request-id: e7980078cea5d597872fc3a716efd3f6-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 7992
expires: Thu, 30 Nov 2023 10:42:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 196ms
88ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8787644639509776

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c4ee94be481ed12d5f2d1177cf4c764693d3d303fafb71108f4d884810278a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52923
x-xss-protection: 0
server: cafe
etag: 13513775204160705246
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:45 GMT

GET
H2 200 sem-foto.jpg
portalnovonorte.com.br/img/ 1 KB
2 KB 118ms
116ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/img/sem-foto.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a17abfd5c92173b46b4594760d74c781cc5980c0e9d445b5681c912ce8f9995e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 18198
x-hcdn-request-id: 208bd9f4ddd1ec22262e1d981c812749-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 1534
expires: Thu, 30 Nov 2023 10:42:26 GMT

GET
H2 200 d4a2940370cf23e3d621fcc1a2e5b98d.png
portalnovonorte.com.br/images/anuncios/ 12 KB
12 KB 57ms
56ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/anuncios/d4a2940370cf23e3d621fcc1a2e5b98d.png
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 788f136f92f33244c1ab40f543bda3b862a108fd4de27c80fde7c48cd9efe68a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 18199
x-hcdn-request-id: 8ed71510c03f4607b5c93dd7f93ff664-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 12202
expires: Thu, 30 Nov 2023 10:42:26 GMT

GET
H2 200 site2.min.js Show response
portalnovonorte.com.br/tema/v8/js/ 315 B
306 B 63ms
53ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/js/site2.min.js?v=a7eab853

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

08bd496a10b639cac1a2fc4e4abfcf75ffbb4d8d98f06063e30ac08ef8c5ea45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175973
content-length: 177
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "13b-6519be81-a311c74071a63ff1;br"
x-hcdn-request-id: e87d275bcd9489f44ce1d16f186b9a08-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:31 GMT

GET
H2 200 load-img.min.js Show response
portalnovonorte.com.br/tema/v8/js/ 2 KB
1002 B 64ms
54ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/js/load-img.min.js?v=a7eab853

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

07fb7d12970cc724e9a81606d59766f4722a107c0d0ae708d620db3afb72c46e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175971
content-length: 869
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "8f5-6519be81-f6f71b2d45c0208e;br"
x-hcdn-request-id: d712762dad65e2d19e48affcc6acd28c-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:33 GMT

GET
H2 200 owl.carousel-min.js Show response
portalnovonorte.com.br/tema/v8/js/ 43 KB
11 KB 56ms
56ms Script
application/x-javascript 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/js/owl.carousel-min.js?v=a7eab853

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 2175970
content-length: 10979
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "ad3c-6519be81-54b39e8f3699eaa3;br"
x-hcdn-request-id: 61e6dc488090feb9a20a0400e3dec674-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Sun, 05 Nov 2023 11:19:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 134ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/tema/v8/js/site.min.js?v=52e3c34f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9cfc12e2cbc2ac93a44399f947063682fd5309b7e50fe02ec8281d84fd6314b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:45:45 GMT
content-md5: x6VhaWnRramz2+YwwNlZww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: FplVf3OYdAH3wbYUo3i2zdBrmc1O/MOuwFhfoAxXyhtvLQe2m0uxWW21Na86vodaCwyDbQpTJApw3BKvZGMSGw==
x-fb-content-md5: 98abc690b112ebc6b5ba631555ca92d3
cross-origin-opener-policy: same-origin-allow-popups
etag: "c9768f647bc58eb85b2640b42a5bc09a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 23 Nov 2023 16:00:09 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/portalnovonorte-network/ 369 KB
53 KB 128ms
72ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/portalnovonorte-network/loader.js
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/plugins/d1_taboola/js/taboola.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7dbc0844e6295605e93644c8cb0392dece82678820f41bf9dcf00f7395097e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: yGzugAvuWvVzgCym9nYeG0QDUFlOM7TY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Nov 2023 15:45:45 GMT
x-amz-request-id: W0SJEB22M1AMHC17
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 15
x-amz-replication-status: FAILED
content-length: 53347
x-amz-id-2: zG9LxjPDip4xp5TNiygf9+PruLB257isMfCvUp1Tkhe/sF1yxjpoF0j/e1T/dlOB/FVaAgUoPNk=
x-served-by: cache-man4138-MAN
last-modified: Thu, 23 Nov 2023 15:45:45 UTC
server: nginx
x-timer: S1700754345.367523,VS0,VE38
etag: "eca91fd89c7a54700eac0e875e764610b2035620"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 27
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 29c60e8cce9e070ccd32fcfda7a5c527.js Show response
scripts.cleverwebserver.com/ 126 KB
46 KB 189ms
109ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/29c60e8cce9e070ccd32fcfda7a5c527.js
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3504357a4062f9e424468febcf682805e5aa55f8cbd952a0c0db574b25a1db72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
x-amz-version-id: tEz0r_ODhjye7FRU26CGQRZtvyMVkY91
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 10 Nov 2023 18:58:03 GMT
server: cloudflare
x-amz-request-id: NMWHFM8A9YCQTHZP
etag: W/"57ad8bcaa8f480371be2822b98d096ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 82aa8a82b9bc35dc-LHR
x-amz-id-2: knr4RgM2YYRbGQ8SATbuulEpUwVZF25IssQ7b5Swib17NngUUo2/FMjmexti6Lapkx02S+V+OPY=
expires: Thu, 23 Nov 2023 16:15:45 GMT

GET pontos-ads.png
www.srv2lenium.com.br/tema/v8/img/ 0
0

GET
H2 200 topo.ttf
portalnovonorte.com.br/tema/v8/fonts/ 9 KB
6 KB 59ms
56ms Font
application/x-font-ttf 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/fonts/topo.ttf?of1sb6

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/tema/v8/fonts/fonts.css?v=8ab69089

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b72c1bb1c06acfbaf7ba080e1db6595fb0bb506b4e76cf53b9032185763d81c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://portalnovonorte.com.br/tema/v8/fonts/fonts.css?v=8ab69089
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 1493356
content-length: 5492
x-hcdn-cache-status: HIT
last-modified: Sun, 01 Oct 2023 18:46:25 GMT
server: hcdn
etag: "22d4-6519be81-6ad3cdc9fdb61934;br"
x-hcdn-request-id: 04daef290b5c6a133738addb96cc2d6d-srv-edge2
content-type: application/x-font-ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 13 Nov 2023 08:56:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 145ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 498003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 195ms
92ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 595600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:19:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 225ms
123ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:18 GMT
x-content-type-options: nosniff
age: 500127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 20:50:18 GMT

GET
H2 200 kJEzBugZ7AAjhybUvRh9-g.woff2
fonts.gstatic.com/s/caladea/v7/ 20 KB
20 KB 232ms
130ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caladea/v7/kJEzBugZ7AAjhybUvRh9-g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b687b97eee21e426bd2e2b66d93f848436b8bf885912ddf5f71149fbe62ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 00:29:34 GMT
x-content-type-options: nosniff
age: 486971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20584
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 00:29:34 GMT

GET
H2 200 kJE2BugZ7AAjhybUtaNY790SqQ.woff2
fonts.gstatic.com/s/caladea/v7/ 20 KB
20 KB 153ms
52ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caladea/v7/kJE2BugZ7AAjhybUtaNY790SqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,900|Montserrat:100,200,300,600,900|Caladea:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04f388bfcafeea6847930d0f67c5da67decc6cb5a2188792a7d54cae57739b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:36:41 GMT
x-content-type-options: nosniff
age: 511744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20568
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:36:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 113ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CYK3GQXNDV&gtm=45je3b81v889296529&_p=1700754345297&gcd=11l1l1l1l1&dma=0&cid=679381125.1700754345&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700754345&sct=1&seg=0&dl=https%3A%2F%2Fportalnovonorte.com.br%2F&dt=Portal%20Novo%20Norte%20-%20Saiba%20tudo%2C%20saiba%20primeiro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CYK3GQXNDV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalnovonorte.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ajax.php Show response
portalnovonorte.com.br/tema/v8/ 714 B
722 B 370ms
369ms XHR
application/json 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://portalnovonorte.com.br/tema/v8/ajax.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.1.33

Resource Hash

eeeda2bd31a518bd0173fb2d54b22bfe6f24ff66347ed7f83e21d1bedf4083bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://portalnovonorte.com.br/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: hcdn
x-powered-by: PHP/7.1.33
x-hcdn-request-id: 6b8c733b7c6d41c517d66a16227acb6b-srv-edge2
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.314
accept-ranges: bytes
platform: hostinger
content-length: 445
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 48ms
42ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1886
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82aa8a83dd3f7199-LHR
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 15:45:45 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 302 KB
86 KB 90ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=630b5e0a7f7b49cb76fce41a84ffa37c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc00f8292c47dedce67b9ce7a331cdb880e0d5607a88faff4e19054f36c4a035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalnovonorte.com.br/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:45:45 GMT
content-md5: SAr0FzUXWvGqjYp/K+vtfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88348
reporting-endpoints
x-fb-debug: 9I4/fpcMtJiEN2xPky7WTGgUpYviFlB4/mc8H9BZIMNWeRLv51GmAyAIRTc60y0u8CcZUabBiANN2t3MMBm5sA==
x-fb-content-md5: 6cbfdeec8387b367c606d71b3668c5bd
cross-origin-opener-policy: same-origin-allow-popups
etag: "7368bd169ea29c604cd6cef0d85be426"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Nov 2024 14:52:44 GMT

GET
H2 200 impl.20231121-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 25ms
24ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portalnovonorte-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: .OFe27GFVgVcPluhORKfWeGZNdME4IaV
content-encoding: br
via: 1.1 varnish
date: Thu, 23 Nov 2023 15:45:45 GMT
x-amz-request-id: RM54WKMJDR6AT305
age: 17892
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173606
x-amz-id-2: 3ttjcxThww6Hs/PwdE7qKI4pSHSsSwmzHRXGtXqWTwtZ7KAXocu6yK2rTJZXubE10dU0dfLrwhI=
x-served-by: cache-man4138-MAN
last-modified: Tue, 21 Nov 2023 10:47:31 GMT
server: AmazonS3-br
x-timer: S1700754346.607404,VS0,VE0
etag: "e14d5158d1e05939397417dd5bb9b1d9"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 23779

GET 7978f145783835d0595b079bb38414b4.jpeg
str1.lnmimg.com/img/2023/11/23/ 0
0

GET
H2 200 e4f4269b904bbc9fd175c52965d42abb.jpg
portalnovonorte.com.br/images/noticias/56458/ 82 KB
82 KB 667ms
657ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56458/e4f4269b904bbc9fd175c52965d42abb.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: ee91bc4735a8dad9eed8963eae1534f71d41022e4286cb5d85cb0f1b29503a18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 38bcd21063f14d3a6ebcfc9068399f81-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.604
accept-ranges: bytes
content-length: 83732
expires: Thu, 30 Nov 2023 15:45:45 GMT

GET
H2 200 6b4f43946fde97161a47fe9201ba258c.jpg
portalnovonorte.com.br/images/noticias/56459/ 73 KB
73 KB 722ms
712ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56459/6b4f43946fde97161a47fe9201ba258c.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a452acf8001d273742879922647377c935f4199529a52d25f0a833cb89325d2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 8e68054247ecb45be97a6301ce744441-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.631
accept-ranges: bytes
content-length: 74752
expires: Thu, 30 Nov 2023 15:45:45 GMT

GET
H2 200 372cd4d150da30e790edf24c92500221.jpg
portalnovonorte.com.br/images/noticias/56480/ 60 KB
60 KB 63ms
54ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56480/372cd4d150da30e790edf24c92500221.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: eb1497c3cbb069ff26d29a104cb56e417f455431ef73994cc56911e351434859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 3648
x-hcdn-request-id: ffdc151b1969b05720117d42ae7aaea9-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 61780
expires: Thu, 30 Nov 2023 14:44:57 GMT

GET
H2 200 815398ecdb5804d25f30efd07aee9c4f.jpg
portalnovonorte.com.br/images/noticias/56467/ 42 KB
43 KB 552ms
543ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56467/815398ecdb5804d25f30efd07aee9c4f.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 474f12eb1dbe62fdd1413dbe1444f5f4f1bbd1a079d43222a4e66b9f818bfc4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 481b295b263a40faf0ac08e1da083d9c-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.490
accept-ranges: bytes
content-length: 43448
expires: Thu, 30 Nov 2023 15:45:45 GMT

GET 3e3041c5668aa25e9bdbba568596ccc7.jpeg
str1.lnmimg.com/img/2023/11/23/ 0
0

GET 2f0dd8dd3acc4f03b4096954bd30393c.jpeg
str1.lnmimg.com/img/2023/11/23/ 0
0

GET
H2 200 d9f724b1c4b6bff01e7d030f0f7edf0b.jpeg
portalnovonorte.com.br/images/noticias/56448/ 13 KB
13 KB 542ms
536ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56448/d9f724b1c4b6bff01e7d030f0f7edf0b.jpeg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: ae234a759cd9b175241edfb3ca4de6483a6cc1ca1bf89866b277589b8b801a65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 3491239f270180c5281be6be7736165e-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.482
accept-ranges: bytes
content-length: 13184
expires: Thu, 30 Nov 2023 15:45:45 GMT

GET
H2 200 a74c86d6f20d68d3cfa03cfa44cea670.jpg
portalnovonorte.com.br/images/noticias/56320/ 79 KB
79 KB 756ms
750ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56320/a74c86d6f20d68d3cfa03cfa44cea670.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: fccc29ae8321964360af5d03ab89ae855dee0ba4d19368bf5f1a358f78677ef8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 26fa6fc3c44ea9daeffd5aea5481925f-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.697
accept-ranges: bytes
content-length: 80600
expires: Thu, 30 Nov 2023 15:45:45 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 161 B
384 B 147ms
125ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57424b0e58d1522cfc6619895b77c6b25f62ec18e6566e2321bce1dafeac54c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 82aa8a84dcb535dc-LHR
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 211ms
125ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8787644639509776&plah=portalnovonorte.com.br&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8787644639509776

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f6b549bee002cd3949cd407bbd971c42c2a12b503686808f87eaba68a2e0e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137287
x-xss-protection: 0
server: cafe
etag: 13082411595460428244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:45 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4D85 9 KB
4 KB 137ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8787644639509776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/c8ea41be-9716-4545-b4bd-135ade8894b5/ 5 KB
2 KB 127ms
105ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c8ea41be-9716-4545-b4bd-135ade8894b5/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0873d73a6bae4d769f82cdb200f19ca140420d3db611d9910adf325553d95a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5242d898-de61-4297-9a7a-6feba1ad2087
x-runtime: 0.037228
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c0873d73a6bae4d769f82cdb200f19ca"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 82aa8a85bf507199-LHR
access-control-allow-headers: SDK-Version
expires: Thu, 23 Nov 2023 16:45:45 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 116ms
45ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 219893
expires: 60

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 183ms
53ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=pt-BR

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9214100f469276adac5738c9f30319c83fbfad8f063cb25c46e88972f126713

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 15:45:46 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
129 B 88ms
78ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=65704&c=GB&r=ENG&l=202&b=Chrome&os=Win10&mob=0&v=1.55.3&ref=aHR0cHM6Ly9wb3J0YWxub3Zvbm9ydGUuY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=GB&sz=1200
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82aa8a865f0135dc-LHR
content-length: 43
content-type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5766 534 KB
100 KB 726ms
724ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&adk=1812271804&adf=3025194257&lmt=1700754346&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345720&bpp=7&bdt=1221&idt=346&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=812354201708&frm=20&pv=2&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=395

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8787644639509776&plah=portalnovonorte.com.br&bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31ed43e8eae57fcf56c0f387a0fc0d7ba7c80ddc74287a7dc1811bff25c5c71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101711
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 926A 740 B
533 B 473ms
471ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=90&slotname=2817550709&adk=621363279&adf=2168434028&pi=t.ma~as.2817550709&w=970&lmt=1700754346&format=970x90&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345727&bpp=2&bdt=1228&idt=395&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=403

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39abd4134d9a69374083de6633f502d5f9f6784d809f35721b994adcde115d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B544 740 B
539 B 316ms
315ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=90&slotname=6178404730&adk=1501959591&adf=246414136&pi=t.ma~as.6178404730&w=728&lmt=1700754346&format=728x90&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345729&bpp=1&bdt=1230&idt=407&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=414

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6a35c8f8a69f25057b8eefc0a890f7a6823476b902e8532946fd8cda259510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 102D 740 B
588 B 301ms
298ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=6861270322&adk=1690502907&adf=3515562525&pi=t.ma~as.6861270322&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345730&bpp=1&bdt=1231&idt=416&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=1654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=425

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7709441be61c4cfa3325864862cff11c50901f96661b2ebcb6da64a09f7f989a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 467 KB
188 KB 145ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pt_br.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=pt-BR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf4f232f1c61e2391e84c41f78a8ba0b43f8079ca51c51eb3b2419bdf5e1e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Origin: https://portalnovonorte.com.br
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191961
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 19:10:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6385 740 B
534 B 376ms
376ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=9921374470&adk=850486544&adf=453346265&pi=t.ma~as.9921374470&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345731&bpp=1&bdt=1232&idt=428&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=2441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=434

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f6f09449481ffa7f1d6c30245b76b92f723444b362689cbca63249667f53fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C0A0 740 B
537 B 344ms
343ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=3662910279&adk=1297973281&adf=891839204&pi=t.ma~as.3662910279&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345731&bpp=1&bdt=1232&idt=439&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=447

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b266cabd425115bb2d2e5832c8ba939a92ad526a85f8824214f932e3a32ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8266 740 B
541 B 441ms
437ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=250&slotname=8608292800&adk=4181925763&adf=4201705311&pi=t.ma~as.8608292800&w=300&lmt=1700754346&format=300x250&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754345732&bpp=1&bdt=1233&idt=448&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=456

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4edc9ac9637f25a5cce3615d640cbf4d621029aedfbec95a951e2a4f87ac2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Thu, 23 Nov 2023 15:45:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9F82 61 KB
35 KB 70ms
69ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r&co=aHR0cHM6Ly9wb3J0YWxub3Zvbm9ydGUuY29tLmJyOjQ0Mw..&hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ykvd1rfbmu8z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pt_br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2861cdd2726765a764a2bbe8343375753764aeb8fefe576f54cc5984af7ae8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ruAh0SbLhhan6qZ_dZf30g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ruAh0SbLhhan6qZ_dZf30g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 9F82 55 KB
24 KB 130ms
43ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r&co=aHR0cHM6Ly9wb3J0YWxub3Zvbm9ydGUuY29tLmJyOjQ0Mw..&hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ykvd1rfbmu8z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 13:17:57 GMT

GET
H3 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 9F82 467 KB
188 KB 151ms
65ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pt_br.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf4f232f1c61e2391e84c41f78a8ba0b43f8079ca51c51eb3b2419bdf5e1e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191961
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 19:10:23 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96d8a40612ca2a02e79f3f07e27bd131f06c5f47b720baf29bb023805ac93ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55855
x-xss-protection: 0
server: cafe
etag: 5433861095926155315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
DATA 200
OK truncated
/ Frame 9F82 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9F82 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9F82 2 KB
2 KB 44ms
44ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:32:18 GMT
x-content-type-options: nosniff
age: 443609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 25 Nov 2023 12:32:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9F82 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 478064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 02:58:03 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C75 119 KB
41 KB 733ms
732ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4032324a554950b6741a7bb9ef33d1095c9742fcd26d556b4c5b19dd884bee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:47 GMT
expires: Thu, 23 Nov 2023 15:45:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0BC 168 KB
49 KB 667ms
666ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8abd5bb1b92503c91d4cfd1e6cd8d0445a43aa245d54e86a2794fa36ec08185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:47 GMT
expires: Thu, 23 Nov 2023 15:45:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B17 153 KB
44 KB 446ms
444ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bf5caeb030e5564329b58602b19d8bc757721b45300869ef919a00674f47ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45338
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:47 GMT
expires: Thu, 23 Nov 2023 15:45:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9F82 105 B
138 B 56ms
55ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ed34a9cd0c200f328d79db6c9fc312383959cfb59bab01483b56b2f895e258d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r&co=aHR0cHM6Ly9wb3J0YWxub3Zvbm9ydGUuY29tLmJyOjQ0Mw..&hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=ykvd1rfbmu8z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 2692 9 KB
4 KB 43ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 68130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 11CE 9 KB
4 KB 48ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 68130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 1D88 9 KB
4 KB 45ms
45ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 68130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2692 4 KB
770 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 13:47:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2692 205 B
229 B 45ms
44ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 577131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2692 604 B
628 B 49ms
48ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:49:16 GMT
x-content-type-options: nosniff
age: 68191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Nov 2024 20:49:16 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2692 15 KB
7 KB 146ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:27:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2692 21 KB
9 KB 149ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:59:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11CE 14 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 15:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 11CE 2 KB
903 B 187ms
104ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 11CE 23 KB
9 KB 181ms
103ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 11CE 3 KB
1 KB 183ms
105ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 11CE 20 KB
8 KB 127ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11CE 202 KB
64 KB 105ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 11CE 37 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 1D88 9 KB
4 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H3 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 1D88 11 KB
5 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 08:31:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1D88 14 KB
1 KB 53ms
53ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:41:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1D88 2 KB
856 B 173ms
108ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1D88 23 KB
9 KB 170ms
107ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1D88 3 KB
1 KB 163ms
101ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1D88 20 KB
8 KB 141ms
81ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D88 202 KB
64 KB 133ms
128ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 1D88 37 KB
15 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F6D 14 KB
1 KB 61ms
61ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 15:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7F6D 2 KB
856 B 79ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 7F6D 23 KB
9 KB 80ms
64ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E501 143 B
166 B 76ms
69ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7F6D 3 KB
1 KB 88ms
76ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7F6D 20 KB
8 KB 83ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F6D 202 KB
64 KB 119ms
116ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 7F6D 37 KB
15 KB 54ms
48ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H2 200 10877801428445852470
tpc.googlesyndication.com/simgad/ Frame 1D88 2 KB
2 KB 53ms
43ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10877801428445852470?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92b795f065d15976b837b5fcd13ee6136368b21973f79168552b259c4f15db25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:55:46 GMT
x-content-type-options: nosniff
age: 201001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1952
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 17:06:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 07:55:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8ECB 143 B
166 B 48ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame F9DA 9 KB
4 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H3 200 7c8fef2b841c224dc9dd256dc808a409.js Show response
www.gstatic.com/mysidia/ Frame F9DA 42 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9DA 2 KB
822 B 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H3 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame F9DA 23 KB
10 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F9DA 23 KB
9 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9DA 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9DA 20 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F9DA 0
0 67ms
67ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWt-e6monOjqckPL0ufdjWg4F-nE-6yRZLDBXLC6uEvrJcAIld0rTVqRNiGG0fxDlgAMbMmv1t46hG4RBhm_cdsmT5BA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9DA 202 KB
64 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:47 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame F9DA 37 KB
15 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
DATA 200
OK truncated
/ Frame 1D88 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e43e7ee3857ad0a7ca00786b31032e1f556adc26f5b952134c9de3bdf5cf3552

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame E0BC 9 KB
4 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H3 200 07977d2b7ee0aecb6f84611ef43cb16f.js Show response
www.gstatic.com/mysidia/ Frame E0BC 145 KB
53 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983de16021c17f275be68a5ad52f44a35b33d2cc6441f030c8e062550194f283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:52:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0BC 14 KB
1 KB 56ms
54ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0BC 21 KB
1 KB 57ms
56ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:16:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E0BC 2 KB
822 B 69ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E0BC 23 KB
9 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E0BC 3 KB
1 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E0BC 67 B
91 B 44ms
43ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:28:07 GMT
x-content-type-options: nosniff
server: cafe
age: 80261
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Thu, 23 Nov 2023 17:28:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E0BC 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E0BC 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNK1Ig5LMKSuLcB9IOert9QqLDuiR_3oaGsjLtCmeNztXMo7PVAbrehmTdIFLvDNJzH66C9y1pHNdp8-tzPVOt119SWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0BC 202 KB
64 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame E0BC 37 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5C75 6 KB
706 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:42:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5C75 2 KB
822 B 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5C75 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5C75 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5C75 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5C75 0
0 51ms
49ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkb969dqQtajfENIZ7IzmiJNxNy7EVE8mU2ZF6Upnd3WzgBcHuk1-NgxhIs8aAFgVnEjXKkhmsXsiuXdCEiYt-hjn0pw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C75 202 KB
64 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5C75 37 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5083 7 KB
1 KB 72ms
61ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pt_br.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6afbe57870d3e51a7bfd29e577d13cfd54a61c4cdf002a65320d4e79870f86f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3yaGPnqBkytUHBqkh_gygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3yaGPnqBkytUHBqkh_gygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E501
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
52ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:48 GMT
expires: Thu, 23 Nov 2023 15:45:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1D88 33 KB
33 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 196590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 81BF 1 KB
643 B 67ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DB0 39 KB
15 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8525102810938990952/ Frame 5C75 58 KB
58 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8525102810938990952/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4d5357dbc8302026d7b921fe488ac446b999045015f29d5145497527d6f1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:17:06 GMT
x-content-type-options: nosniff
age: 458922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59726
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:26:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Nov 2024 08:17:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8ECB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
60ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:48 GMT
expires: Thu, 23 Nov 2023 15:45:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C9A 39 KB
15 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/ Frame C271 3 KB
1 KB 53ms
45ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb3942faba651464aaea96b15db4fe562627010e9b088ec04c8b64361564e41

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 478048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1173
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 02:58:20 GMT
expires: Sun, 17 Nov 2024 02:58:20 GMT
last-modified: Mon, 20 Mar 2023 14:33:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F166 1 KB
643 B 63ms
44ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9DA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28f5ed6cf45245d66c1ba99eac35d16c1bdcd7f6982ad04055971438b7d2570d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F9DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CItZtq3NfZbPFDJ2x9u8PwdCjqAOp09-vdOOmuJmGEpS_tauuARABIPGsg3dgu4aAgNAKoAHg8oC_AcgBCagDAcgDSKoEkAJP0OCot3ST7MwalLk3PKBW_NGU5TOTtJRQYP6hnWze_zgzrBI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215413639141132339477%22,%22debug_reporting%22:true,%22destination%22:%22https://livebeam.com%22,%22event_report_window%22:...

0
0

173ms
76ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215413639141132339477%22,%22debug_reporting%22:true,%22destination%22:%22https://livebeam.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22400570720%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227618693367088084193%22}&andc=true

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15413639141132339477","debug_reporting":true,"destination":"https://livebeam.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["400570720"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"7618693367088084193"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:45:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 15:45:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15413639141132339477","debug_reporting":true,"destination":"https://livebeam.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["400570720"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"7618693367088084193"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame E0BC 0
226 B 165ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpbd860h&c=3589512578299&slotId=1794756289149.5&qqid=CN6d3NW72oIDFZKe_QcdY6UEvg&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8525102810938990952/ Frame E0BC 58 KB
58 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8525102810938990952/14763004658117789537

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms_cta_adjustment

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4d5357dbc8302026d7b921fe488ac446b999045015f29d5145497527d6f1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:17:06 GMT
x-content-type-options: nosniff
age: 458922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59726
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:26:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Nov 2024 08:17:06 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6859908786643225887/ Frame E0BC 4 KB
5 KB 50ms
49ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6859908786643225887/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8003dc5f77959bbb6bf2af53527cc944cb47e9e65181af3c0fb8b1047d27bd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:46:21 GMT
x-content-type-options: nosniff
age: 25167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4591
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 05:56:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 08:46:21 GMT

GET
DATA 200
OK truncated
/ Frame E0BC 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 5083 55 KB
24 KB 46ms
43ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 13:17:57 GMT

GET
H3 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 5083 467 KB
188 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pt_br.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lcoi8cbAAAAAO0HukQ4F4yZEReEvaJCzZKJVe2r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf4f232f1c61e2391e84c41f78a8ba0b43f8079ca51c51eb3b2419bdf5e1e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191961
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 19:10:23 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C271 6 KB
3 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 24 Nov 2023 08:19:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C271 34 KB
13 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:31:21 GMT

GET
H3 200 createjs.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/1.0.0/ Frame C271 236 KB
63 KB 49ms
48ms Script
application/x-javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/1.0.0/createjs.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 22:07:40 GMT
age: 63488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64184
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 14:33:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 22:07:40 GMT

GET
H3 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/ Frame C271 32 KB
9 KB 67ms
67ms Script
application/x-javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1eb74451a0cac5115fb598f7ca439d6143aa1bd26c999bfe9889f6121514a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 22:07:40 GMT
age: 63488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9033
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 14:33:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 22:07:40 GMT

GET
H3

206

videoplayback
r4---sn-5hne6n6e.gvt1.com/ Frame E0BC
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=ip,ipbits,expire,id,...
https://r2---sn-aigzrnss.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
https://r4---sn-5hne6n6e.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

2 MB
2 MB

366ms
261ms

Media
video/mp4

2a00:1450:400e:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6n6e.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=711C4695339ED6C213A77CC8C81B95BFA02B2498.36187C11F4CEC16DDD0574B7F31782309166288D&key=cms1&mh=4g&pl=48&redirect_counter=1&cm2rm=sn-aige6l7l&req_id=356e7b24238d36e2&cms_redirect=yes&mip=2001:ac8:21:e::8&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1700754052&mv=m&mvi=4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Server

2a00:1450:400e:17::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

006ef6ca79c3fa2a7771b6fe0705d0287fad1e48c37747c21426fb7871e3cf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 12:03:07 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1580121/1580122
cache-control: private, max-age=6898
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1580122
expires: Thu, 23 Nov 2023 15:45:49 GMT

Redirect headers

date: Thu, 23 Nov 2023 15:45:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://r4---sn-5hne6n6e.gvt1.com/videoplayback?id=fc1c5ad6a4e8082b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1700761547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=711C4695339ED6C213A77CC8C81B95BFA02B2498.36187C11F4CEC16DDD0574B7F31782309166288D&key=cms1&mh=4g&pl=48&redirect_counter=1&cm2rm=sn-aige6l7l&req_id=356e7b24238d36e2&cms_redirect=yes&mip=2001:ac8:21:e::8&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1700754052&mv=m&mvi=4
cache-control: private, max-age=900
content-length: 0
expires: Thu, 23 Nov 2023 15:45:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 564A 1 KB
643 B 45ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5C75 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 386576a023bf9911cc6db5dcf73818d593cf477e9d23e3bf107dca99de4d1e87

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 186ms
86ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:45:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E0BC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d66c9a22d3f45eb554da05682ee7a520cc1be6230034ea8800ae147a0fc36b5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1D88
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIghCqnNfZaaXCtGA9u8PwfW28AKM3YbLbvnJvcKrEMCNtwEQASDxrIN3YLuGgIDQCqABjezk2QLIAQGpAk9d9X9sfKg-qAMByAPLBKoEiAJP0N0dsnVo3RiEb9QXDR5gEKr8Npt2AsYYE3Z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213686888696900460967%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%2...

0
0

76ms
75ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213686888696900460967%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226091966200934158529%22}&andc=true

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13686888696900460967","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"6091966200934158529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:45:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 15:45:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13686888696900460967","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"6091966200934158529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 81BF 35 B
464 B 179ms
50ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL1mrOoiP2eVHG6tHv06MAI&google_cver=1&google_push=AXcoOmTmXfNAFaZhdPtjmGTlJLf_sKirrXfnzWccdMdF8egi_OUpN9WdWE98ljpyjDSlB3Z_G70DK6XmQ0wPuC48MUborvjH1d1nYzg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 81BF 0
104 B 273ms
120ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC8nB-pw02twEsLS9Ey4B4Q&google_cver=1&google_push=AXcoOmToLJ5p1WjPOc1A0IBZLMyJLxGi2L3XbMfv2s-F8IK3WcwrPCbdZOsgyjkTutSMLzgVlEhdjYs7XCGnZ3YxPLImYwyyUgCdliO7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 81BF 70 B
150 B 171ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGsauSkdtOLlnFNj8Dkt0OY&google_cver=1&google_push=AXcoOmR0NbchUBKybX2RIj1hXNFTuZHKR4hcE5gjC9sKTEzlL-IRk9F9FohGLlyNnIdStZoyM5F2F6K6mjiJD4wCqTDnUWQm3P2Eud68
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=1418185256&adf=4190026705&pi=t.aa~a.2215190445~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=1200x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=2&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81BF
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELFtX8gyxa5yYX7EqVc0U-c&google_cver=1&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8V...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8VJAVytIvHWl2cs38rWssj9&google_hm=Y_gCFPuxRtm_vT2F...

170 B
233 B

58ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8VJAVytIvHWl2cs38rWssj9&google_hm=Y_gCFPuxRtm_vT2FwPW1SG0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaAslgZCTFHMExPyueZ9AIprxMPsp1jV4De2oHYxFqNXMn7BQCf0NOJMfRm1ghQ8PtHnLMSJIhH8VJAVytIvHWl2cs38rWssj9&google_hm=Y_gCFPuxRtm_vT2FwPW1SG0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81BF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMdI3xiDgip2PamsCarR3lA&google_cver=1&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLi...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDY4NDMwMzIxNjgwMTk1Mg%3D%3D&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLidwoi...

170 B
330 B

57ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDY4NDMwMzIxNjgwMTk1Mg%3D%3D&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLidwoiYI8_a7Jbqq3fyd

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDY4NDMwMzIxNjgwMTk1Mg%3D%3D&google_push=AXcoOmSy6WN67ZJLxoGg4VIss1iiuGaJBY0ziCT0YUHgAu9QXAw7lPT_JwibpYHfFGy5QM7m977X0QBmjziMLidwoiYI8_a7Jbqq3fyd
Date: Thu, 23 Nov 2023 15:45:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81BF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECvRFordY3JW5FGyEAOltEo&google_cver=1&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NO...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvRFordY3JW5FGyEAOltEo&google_cver=1&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH

170 B
233 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRCntgqA7KSkgMnCPmdyu-W0A-rl4OzGqOJSXBNpBHByFny0bY_E1c3dpKiAzo_JA61h2pUN371Ak4YFCQ7u3Ih-NOgWWpDuEQH
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81BF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOpKXDzvCl3GGMmL7tIOnpg&google_cver=1&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqPv5b-9AUtAg1-Xmd-OhaN

170 B
233 B

67ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqPv5b-9AUtAg1-Xmd-OhaN

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjUNRLrhqKbke4qmPYfyE7zPPB-4JGeJ50Eu0kQKMVJIXqFcTY5fOrp6a9L3IVwVrIc7anhM-LXHqPv5b-9AUtAg1-Xmd-OhaN
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 81BF 0
131 B 183ms
49ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_lHt2AY0TqqJCirnjg771EJXL6JyRcBOX8Nbo9xKXnAySvBk9hcT6SzbYtGvLQwmuYZBk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F166
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED0Pav8J_9NVZn3X7K-XpzI&google_cver=1&google_push=AXcoOmQOmYTHzAwkcZlmpwoYOXNzReBFzDZysFXcldkfpyhcYWMTsk7V7AicU0MzhZCXn_cm-bRnpkOLC6suu7cI716XZMtVz1ef4Rw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxNTgyMTY4MDg4ODA4NTc5MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1

43 B
398 B

175ms
174ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F166 0
105 B 245ms
119ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF56OcdX1YkE879HrLSnPuM&google_cver=1&google_push=AXcoOmSHvyGQJw7gX5BhINOT_phvO_nda7MIOxKj-mUN4vPsjUs4CyddbrRQLmGiNDuDOcn2ZxuvJ5hNlwJszmiVX-NKHAM6l1gCYRwc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F166
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELuBXQSIlxRpABSlpnoy-98&google_cver=1&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1iG65iZeUOUlCtTPSA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3CC465550B64B2ABCD8295B6468803E&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1...

170 B
233 B

58ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3CC465550B64B2ABCD8295B6468803E&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1iG65iZeUOUlCtTPSA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Nov 2023 15:45:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E3CC465550B64B2ABCD8295B6468803E&google_push=AXcoOmR9xWamH__RY6_grWHXxK7fBfjvbaB66yQSQTK9SWVEDV_qv6rLGfVTP4ifBp22NPLoudZSsjGNLhcAmB1iG65iZeUOUlCtTPSA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 22 Nov 2023 15:45:48 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F166 70 B
149 B 146ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEG-mFAD1qZGmHnLudHOGbxY&google_cver=1&google_push=AXcoOmQPlDylGYKDU64yi9fgvsbvxtTeCvlrcD4qsxaDVR3RbN5CLTfkd2XxwlYgvekJ1PShDufIRYIof0NiUp3hP-QCN4AX3cfcIhBb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=3489070486&pi=t.aa~a.2983941107~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280%2C368x280&nras=4&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=7&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F166
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECeEPARgfoEcxwClAKnZjac&google_cver=1&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1P...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1PYAwILbeDogSGld0C_hleR&google_hm=i1LV25EpSreY5t91...

170 B
233 B

61ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1PYAwILbeDogSGld0C_hleR&google_hm=i1LV25EpSreY5t91mMhU_m0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRXyh1x0RSprqbUVlAMhHWoUQH_mMMDV3ozRN90ccXh-7Vf1BmNW6qnYz_JO_mGn0MxN5mu5ed6R1PYAwILbeDogSGld0C_hleR&google_hm=i1LV25EpSreY5t91mMhU_m0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F166
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENf6y75g61WX_gSzxZz8JhA&google_cver=1&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo6EWPgphp7&google_hm=eS1lMlp1WExkRTJwSF...

170 B
233 B

77ms
77ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo6EWPgphp7&google_hm=eS1lMlp1WExkRTJwSFRBbUxXYTA5XzROeHNobUphSVUwc35B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Nov 2023 15:45:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg_g6kOgGXqGT7p0tsZU7JbG-jol3DUBp1WbbBOEtlEvtkRI3XN04L3GoRwYNhoBrRv5dD3akdSeGvDeq7gWw1bMo6EWPgphp7&google_hm=eS1lMlp1WExkRTJwSFRBbUxXYTA5XzROeHNobUphSVUwc35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F166 43 B
363 B 144ms
37ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSIPKBETiTKluEEQJ12XyNVvtPxOUbTMH7ZmedjZXIq8g6yyLs6co3OrC31GyfK9aciy6_4PONo1qVY868Ie6sFsbuGn5OJdCA&google_gid=CAESEEZJ7_F2kNvejPgf2ksSNHs&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 241402
expires: Thu, 23 Nov 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F166 0
50 B 156ms
50ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvZEXh97jIdDmO1mQDPqnDF7u1fMDPO4Y-S6xrBmvZchA9_X0eRi3wE4FGhc0_Vf8LyCRq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 60E1 39 KB
15 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame E0BC 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:44:23 GMT
x-content-type-options: nosniff
server: cafe
age: 85
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Fri, 24 Nov 2023 15:44:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C75 15 KB
16 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:19 GMT
x-content-type-options: nosniff
age: 500129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 20:50:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C75 15 KB
15 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:27:48 GMT
x-content-type-options: nosniff
age: 573480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 00:27:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C75 15 KB
15 KB 49ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 498006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
79ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:45:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E0BC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAB1Uq3NfZZ6cDJK99u8P48qS8AvH462kdOfv--7PEGQQASDxrIN3YLuGgIDQCqAB1OufmgPIAQmoAwHIA8sEqgSTAk_QaV16ux2NNlOlExYCrOops7VPKdThTpvniDSHSQQ6nl9QaQ33JxV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400843904983210362%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%...

0
0

76ms
75ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400843904983210362%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860354004%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227239676544256181041%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14400843904983210362","debug_reporting":true,"destination":"https://y-jesus.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860354004"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"7239676544256181041"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:45:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14400843904983210362","debug_reporting":true,"destination":"https://y-jesus.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860354004"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"7239676544256181041"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5C75
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C192vq3NfZer1C_rY7_UP__WbsA3H462kdLjg9NOAEWQQASDxrIN3YLuGgIDQCqAB1OufmgPIAQmoAwHIA8uEgIAEqgSXAk_Qs3w_-zvcDIWF2NiFv5X6rg3_CqyjXoP7EockOYfleMZiBXq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225768909965804929673%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%2...

0
0

75ms
75ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225768909965804929673%22,%22debug_reporting%22:true,%22destination%22:%22https://y-jesus.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860354004%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224179227345256420097%22}&andc=true

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5768909965804929673","debug_reporting":true,"destination":"https://y-jesus.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860354004"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"4179227345256420097"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:45:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5768909965804929673","debug_reporting":true,"destination":"https://y-jesus.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860354004"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"4179227345256420097"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E0BC 33 KB
33 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 196591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 564A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFOKoi3Z4uk3hMXl1-M6ovA&google_cver=1&google_push=AXcoOmRuWTegrfXlM9FGthLiOlwDpSBZKgTRyztZvtcywXyv9xffLX5iM3SYAD1B4WqDZJJWG3Sn1LZniTBPXrwoMlEWBjNsdbW0wPEj
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxNTgyMTY4MDg4ODA4NTc5MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1

43 B
398 B

90ms
88ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Nov 2023 15:45:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJs9NqYK_hqNzR-CHu_8Jts&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 564A 70 B
149 B 48ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED7IMj2fg5JrXeZKxhSGIOs&google_cver=1&google_push=AXcoOmRX7Tr5l_k0J6YL70AO_qCh-2prTUC6O0v52zoVr2rxfsuMvznmiSwPf0SBwlXJjfu9NXt2uij8GMT9xD7JVf1kZODXrm3LSOc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQaCYi2gvXlf8tjcHDELYHQ_2YhiWg_Ro-uRnkiHM38ulwomJiGajNzLVik-9YRG2Qlf_XVPWfBDMAaIKngMQbwXoymX3H0yJ0H&google_gid=CAESEK4FfUQLo_x4ORiwLSqkMcQ...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK3n_aoGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BWGNvT21RYUNZaTJndlhsZjh0amNIREVMWUhRXzJZaGlXZ19Sby11Um5raUhNMzh1bHdvbUppR2FqTnpMVmlrLTlZUkcyUWxmX1hWUFdmQkRNQWFJS2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOHNiVFR4SWpSd3JqcjRFSFJLUWxnejFlQjYzdEdfX0x0bDVsWXlJZDZ2QQ==&google_push

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOHNiVFR4SWpSd3JqcjRFSFJLUWxnejFlQjYzdEdfX0x0bDVsWXlJZDZ2QQ==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Nov 2023 15:45:49 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOHNiVFR4SWpSd3JqcjRFSFJLUWxnejFlQjYzdEdfX0x0bDVsWXlJZDZ2QQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTk4NjM4MjUxNzgyODQ1NA&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmb...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTk4NjM4MjUxNzgyODQ1NA&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0EXD-SBjGI6ExK_q-CVaKIEM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkxMTk4NjM4MjUxNzgyODQ1NA&google_push=AXcoOmQiu6MrvN65A90Uh5Z4xn-wKUpC2OSKMqUTGlHejU8FyaiurPjdgqJJyWOAOn-gxYCKSJKEmbh0EXD-SBjGI6ExK_q-CVaKIEM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDepiJTUaIxEJ5A5105aV_w&google_cver=1&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2OTYyODU4MjY1MjEyMzE0MA&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2OTYyODU4MjY1MjEyMzE0MA&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64el0CDd8HNMAkYzYRHTrWuora

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2OTYyODU4MjY1MjEyMzE0MA&google_push=AXcoOmSLfuVwivCEc4Xiz0UUGgxCJmCVhkEflZRl30syHggLAeiYKpogccrEp1TvA10lm6ldeeGL5H64el0CDd8HNMAkYzYRHTrWuora
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 564A 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 564A
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL2J5STkM6rw...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_Qjh9iWrA5_c3HBLGU0D9oIacU0pRHBi3jnal6itIoPRsldO-cF-7xK0ZgOnZuh5N8dqSGdvTR8ftl6Jb8je4pTjyeUTB-OE1zg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

68ms
67ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 23 Nov 2023 15:45:49 GMT
pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 564A 0
12 B 52ms
51ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISpf5yuRzRT4majcY2RNEz6zfz-bzcy1JDuG2iY6YnOz2MtkY7GvV09TSxuuATLHL2F0IesVg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9427 39 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:45:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 brench.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/ Frame C271 35 KB
35 KB 42ms
42ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/brench.png?1679299492764

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa5f02a5cfc78cd8ee0f861ea3ee17c58ea8c374113239b570accad199c14d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 22 Nov 2023 22:07:41 GMT
x-content-type-options: nosniff
age: 63488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36066
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 14:33:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 22:07:41 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:45:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A8D 39 KB
15 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3 200 photo_tu_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/ Frame C271 21 KB
21 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/photo_tu_1.jpg?1679299492764

Requested by

Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3aa83d13b1b7283f26e53f03bf5cfecdb3046b301b8b9239f983f58e6e0aad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1859267983780455328/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 17 Nov 2023 16:25:43 GMT
x-content-type-options: nosniff
age: 516006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21606
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 14:33:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 16:25:43 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame C271 39 KB
15 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
93ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf45f75ebb253ce0f46312b8aa05bc27bc1a0b4886dbe2d895dab3e1ac2a0d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12307
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CD9 39 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8787644639509776&output=html&h=280&adk=523175621&adf=1523732113&pi=t.aa~a.2984082524~rp.1&w=368&fwrn=4&fwrnh=100&lmt=1700754347&rafmt=1&to=qs&pwprc=3414697831&format=368x280&url=https%3A%2F%2Fportalnovonorte.com.br%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700754347152&bpp=1&bdt=2653&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc9c9797305a88b39%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q&gpic=UID%3D00000cd8c3f0c9be%3AT%3D1700754346%3ART%3D1700754346%3AS%3DALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1200x280&nras=3&correlator=812354201708&frm=20&pv=1&ga_vid=679381125.1700754345&ga_sid=1700754346&ga_hid=1179474279&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1032&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078297%2C31079757%2C44806140%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=3131449707305369&tmod=869260301&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=6&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 15:45:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D6E 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:37:25 GMT
expires: Fri, 22 Nov 2024 14:37:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58B0 829 B
558 B 51ms
51ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

614d5b79fc0ac55a91445a0daacf9a30ea004d92d2c5b4bff1ad22b9f4fb232a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-asrDTdwnRGUmrebU56pcKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portalnovonorte.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-asrDTdwnRGUmrebU56pcKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:45:49 GMT
expires: Thu, 23 Nov 2023 15:45:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D88 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssc-UxbmHTZRY36Kn5W46w6_lSHCSCxvcm0Lh50jfOkeSw9nKhWKH2PyS5sIzj-gRcFdA9VDR7UMi5nYmS63qVo-T-y94he15zkFB0e4CAVLlEYtoB_tbvp98gHEL6CE2-5-OCBm9_iYsMA&sai=AMfl-YQ13o0jV1pjXr92XOfjEEk9D_GfDZ3ZgK4lIX3hDYfKDTCLdD1iaAxZbwAyjiHBT8AgSPNaUxek4F-AhdPMGAmYvkAKmvDru8-M6f1kuEW9v71Yij3pinp-bsKtcNChEtlvvP2958Q7WrShkHhg1Q&sig=Cg0ArKJSzFB3klRv5dcEEAE&cid=CAQSTwDICaaNMLkhC6ri8tdXCAb0teFs9-O1lKNZRjiS612jCSOZkYM55Tg08Rb3rzcqVps4HgDn_4CpxCZ-PdSjA1is_sB5qKrdAbNmNE9CMesYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700754347320&rpt=1312&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D6E 39 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58B0 0
0 85ms
84ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3131449707305369&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D6E 0
12 B 44ms
44ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?obR_Xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
85ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3131449707305369&bg=!QkGlQQ7NAAZxrfrxUa07ADQBe5WfOKTYsHbWYJN5P4I3YFPH_-m-eDXzLAqrN-Ask1hQoAIFNJH2or1_I4t63UsyoqGaAgAAAIhSAAAABGgBBwoArCQR-pK4BXRE4fy1uaxi0ngPMv0x4VvaPZ4x6La6GQtbCnnuxbjD5MOO9fJqfbZaCXnIZfXo5w3tnhp0jsS1r4kPTHjmLVYq00FZdAmR8B3PMOafu9W3yEjNCzUXybrzhRPQM8o7uGBlp7Gc7RnKJGPGGyK8wFAYN5exfngXD-Y0SvC6nKrhtcGILKMhE5hHd4k9G1z7bZ6C8TnfXhwUQ6wRsWDvJsoZ4QTtwwCZAq1IehoFVmCqgDh2Neo99NBW4M23X749lBHviwWU4WISke18tGjFXdOsfXiDPwC2oCrOq2j1S8GCER32QinOnPl1OxNJT4stkW2E5kGpUFFk-_ohUuY263-xAkCcx-edTw41xCEY0VteHRsON4OEt7OKt9o9VxO1n4KF594EB0FrGHzGvjjv_-IKNhQzY9rFVTOxK-8pkXsiUVT_0SvphjDj7DbzRFjgE2sZPPgTRKzXr89eQCAzuZHY1U5CrdYfIVzjvzvuAx163WNeTGqfof9DCx8_d3UvfZ43YlprY9c3dj_v62HvjFJuZoBoZ9sS18mEpXK04ZbRaAZHBFZ2hAzevwBI19tFLqx3RV1OrlpV0n-A424sLElFfliX6oQD3-f3VSW5pJVL9OjMf8w0XUnzc3EeZfr9XIYOdYvVb7oNzn8ZYX9hNSi0EVeksOjkjNryo-SPIRLmzj9JMc4A7tPQIArYFAlvtUSrf9tSeNhbPFOjaXt7-bMoa7QnlxHaM6mYLjV9QvZFrfC_Q-ar63hsmVVdA3yXNtaNAlOTEd8YSru7p6-IdyjqbzXrRYrbrsRNYNJECkiCujqCKs6LHr5H1zUCjcUPiVvCmNTofn7NfNwUy-HzxlmtIIajDSfN7NCTge91i8ujSjQIA3yCUGeTxRUf84MgVhGRME-Yo9lf7mGBjUhZb8gSmBLhu3BSZscU5cKtLN_EJS_k4VVQlweHXRKXafhD6G6mLk1izTNm3J4yLd-VRr2kn8GSRrWqQ29MiA3J3W3OCZ0t6OL7D95kHAHv_PnGLEaoAfxKh4Rk3k7Z1JkMA9vKPei-PErTS7wLHEyxFg0z7pKFbzk3dfLtTF29YqWQ_QEUvTOcgeTe3MicsFoJlxsRCJVSInZ6PpIATPgHwRqxMAtMPegT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame E0BC 0
46 B 63ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpbd860t&c=3589512578299&slotId=1794756289149.5&qqid=CN6d3NW72oIDFZKe_QcdY6UEvg&umsem=0&ape=1&ple=1&met.4=vil.lpbd86uk~vfl.lpbd86zn
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/07977d2b7ee0aecb6f84611ef43cb16f.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:45:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6b4f43946fde97161a47fe9201ba258c.jpg
portalnovonorte.com.br/images/noticias/56459/ 73 KB
73 KB 56ms
56ms Image
image/webp 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalnovonorte.com.br/images/noticias/56459/6b4f43946fde97161a47fe9201ba258c.jpg
Requested by: Host: portalnovonorte.com.br
URL: https://portalnovonorte.com.br/tema/v8/js/load-img.min.js?v=a7eab853
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a452acf8001d273742879922647377c935f4199529a52d25f0a833cb89325d2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portalnovonorte.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:45:52 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 6
x-hcdn-request-id: 6e025e036525924c7043526163a34685-srv-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 74752
expires: Thu, 30 Nov 2023 15:45:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.srv2lenium.com.br
URL: https://www.srv2lenium.com.br/tema/v8/img/pontos-ads.png

Domain: str1.lnmimg.com
URL: https://str1.lnmimg.com/img/2023/11/23/7978f145783835d0595b079bb38414b4.jpeg

Domain: str1.lnmimg.com
URL: https://str1.lnmimg.com/img/2023/11/23/3e3041c5668aa25e9bdbba568596ccc7.jpeg

Domain: str1.lnmimg.com
URL: https://str1.lnmimg.com/img/2023/11/23/2f0dd8dd3acc4f03b4096954bd30393c.jpeg

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGXSotGN0a-h2EGV5zAnyPo&google_cver=1&google_push=AXcoOmQYOFEmsC4yrKZUgsVgUojg2Zk4Nf11z51N16SHNBF8fV6shmSbmZtAgaGR7jUzjwYU3EK975VqG0j5MRYi24ZTYtrv6TBMAym0Xw

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalnovonorte.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: 18cae3e1b2b2356fb60de49aee06a7c0
.onesignal.com/	1970-01-20 16:25:56	Name: __cf_bm Value: _CgFXHUVyhQIRwvXbutg.Qt09i7Kh38lTLsw1exrmyM-1700754345-0-AV+1krihz5XBzmCuVXU/+kFEx+BD2+6CSfNW01n/OmRhsbu14sxJHeorP/X7li5QpQBoKJqe4vc+jsle7DF+JD8=
.portalnovonorte.com.br/	1970-01-21 02:01:54	Name: _ga_CYK3GQXNDV Value: GS1.1.1700754345.1.0.1700754345.0.0.0
.portalnovonorte.com.br/	1970-01-21 02:01:54	Name: _ga Value: GA1.1.679381125.1700754345
portalnovonorte.com.br/	1970-01-20 17:09:06	Name: clever-last-tracker-65704 Value: 0
.portalnovonorte.com.br/	1970-01-21 01:47:30	Name: __gads Value: ID=c9c9797305a88b39:T=1700754346:RT=1700754346:S=ALNI_Mb6sSHpp1HdwNyKWsdmrPmjsRWr4Q
.portalnovonorte.com.br/	1970-01-21 01:47:30	Name: __gpi Value: UID=00000cd8c3f0c9be:T=1700754346:RT=1700754346:S=ALNI_MbxxJWdzqaGUqtF85o1SKkgRxFC2A
.doubleclick.net/	1970-01-21 01:47:30	Name: IDE Value: AHWqTUnQdrJT3xOMI0zuWQ7UE7TSGYN3X3QDS0qeoA8NcoB2FU4Q22MHYwjLyMJva_s
.doubleclick.net/	1970-01-20 16:25:57	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-21 01:11:30	Name: cid_8b52d5db91294ab798e6df7598c854fe Value: 1
.ctnsnet.com/	1970-01-21 01:11:30	Name: gid_CAESECeEPARgfoEcxwClAKnZjac Value: 1
.ctnsnet.com/	1970-01-21 01:11:30	Name: cid_63f80214fbb146d9bfbd3d85c0f5b548 Value: 1
.ctnsnet.com/	1970-01-21 01:11:30	Name: gid_CAESELFtX8gyxa5yYX7EqVc0U-c Value: 1
.simpli.fi/	1970-01-21 01:12:56	Name: suid Value: E3CC465550B64B2ABCD8295B6468803E
.adfarm1.adition.com/	1970-01-20 18:35:30	Name: UserID1 Value: 7304684303216801952
.quantserve.com/	1970-01-20 18:35:30	Name: d Value: EA0BCQG_KoEA
.quantserve.com/	1970-01-21 01:56:08	Name: mc Value: 655f73ac-d6ba1-fec79-510da
.googleadservices.com/	1970-01-20 18:35:30	Name: ar_debug Value: 1
.de17a.com/	1970-01-21 01:04:18	Name: guid Value: 1.1777020149852282688
.yahoo.com/	1970-01-21 01:11:51	Name: A3 Value: d=AQABBKxzX2UCENLg-AJo_4lcnYSuVLVLlSEFEgEBAQHFYGVpZQAAAAAA_eMAAA&S=AQAAAi-HucWmz2M550SJsYgh0k4
.turn.com/	1970-01-20 20:45:06	Name: uid Value: 7315821680888085790
.rlcdn.com/	1970-01-21 01:11:30	Name: rlas3 Value: xAY8uMQTgv8j5J/VdAZxwx5nsP8z2DlsYVjNhp4CRVs=
.adform.net/	1970-01-20 17:09:06	Name: C Value: 1
.rlcdn.com/	1970-01-20 17:52:18	Name: pxrc Value: CK3n/aoGEgUI6AcQABIGCOndKhAA
.adform.net/	1970-01-20 17:52:18	Name: uid Value: 7911986382517828454

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.srv2lenium.com.br/tema/v8/img/pontos-ads.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://str1.lnmimg.com/img/2023/11/23/3e3041c5668aa25e9bdbba568596ccc7.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://str1.lnmimg.com/img/2023/11/23/2f0dd8dd3acc4f03b4096954bd30393c.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://str1.lnmimg.com/img/2023/11/23/7978f145783835d0595b079bb38414b4.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ajax.googleapis.com
c1.adform.net
call.cleverwebserver.com
cdn.onesignal.com
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
id.rlcdn.com
match.adsrvr.org
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
portalnovonorte.com.br
pr-bh.ybp.yahoo.com
r.turn.com
r2---sn-aigzrnss.gvt1.com
r4---sn-5hne6n6e.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
scripts.cleverwebserver.com
str1.lnmimg.com
sync.teads.tv
tpc.googlesyndication.com
ui.cleverwebserver.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.srv2lenium.com.br
googlecm.hit.gemius.pl
str1.lnmimg.com
www.srv2lenium.com.br
142.250.186.130
142.250.186.98
151.101.193.44
178.250.1.9
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.169
23.35.237.56
2606:4700:4400::ac40:919c
2606:4700::6812:d73b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:4009:16::7
2a00:1450:400e:17::9
2a02:2638:3::c
2a02:4780:24:4c58:ec5c:daec:3c2:dfa9
2a02:fa8:8806:20::2010
2a03:2880:f083:100:face:b00c:0:3
2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e
3.33.220.150
34.91.62.186
35.186.193.173
35.244.174.68
37.157.6.254
51.89.9.252
85.114.159.118
006ef6ca79c3fa2a7771b6fe0705d0287fad1e48c37747c21426fb7871e3cf6a
04f388bfcafeea6847930d0f67c5da67decc6cb5a2188792a7d54cae57739b9d
07fb7d12970cc724e9a81606d59766f4722a107c0d0ae708d620db3afb72c46e
08bd496a10b639cac1a2fc4e4abfcf75ffbb4d8d98f06063e30ac08ef8c5ea45
08e3e8b5ddfd50fcd50016d714064d58e504f224c1c16296fbf49a531ca9e1fc
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a4d5357dbc8302026d7b921fe488ac446b999045015f29d5145497527d6f1be
0b3aa83d13b1b7283f26e53f03bf5cfecdb3046b301b8b9239f983f58e6e0aad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5caeb030e5564329b58602b19d8bc757721b45300869ef919a00674f47ea1
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ed34a9cd0c200f328d79db6c9fc312383959cfb59bab01483b56b2f895e258d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
27d3bf8eaf3862db769d5d659313b50ec37d802a907d1c99e8c6ebac2dd8d2b8
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
28f5ed6cf45245d66c1ba99eac35d16c1bdcd7f6982ad04055971438b7d2570d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f6b549bee002cd3949cd407bbd971c42c2a12b503686808f87eaba68a2e0e43
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ed43e8eae57fcf56c0f387a0fc0d7ba7c80ddc74287a7dc1811bff25c5c71a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3310d875cd46eb110231429849612ed8584c4e5801a39040cd50765082e76c63
3504357a4062f9e424468febcf682805e5aa55f8cbd952a0c0db574b25a1db72
386576a023bf9911cc6db5dcf73818d593cf477e9d23e3bf107dca99de4d1e87
39abd4134d9a69374083de6633f502d5f9f6784d809f35721b994adcde115d78
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4032324a554950b6741a7bb9ef33d1095c9742fcd26d556b4c5b19dd884bee55
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
42c191fd3064e8b3e8d73991754c25826737c23ca784e889d71041d2278fd0a7
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
474f12eb1dbe62fdd1413dbe1444f5f4f1bbd1a079d43222a4e66b9f818bfc4c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aa5f02a5cfc78cd8ee0f861ea3ee17c58ea8c374113239b570accad199c14d3
4cb3942faba651464aaea96b15db4fe562627010e9b088ec04c8b64361564e41
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57424b0e58d1522cfc6619895b77c6b25f62ec18e6566e2321bce1dafeac54c4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f6f09449481ffa7f1d6c30245b76b92f723444b362689cbca63249667f53fff
614d5b79fc0ac55a91445a0daacf9a30ea004d92d2c5b4bff1ad22b9f4fb232a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62104e0fc50702d04f6753b624b5b1568b8a000f28f4edd1b22565c40ad446a1
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6d66c9a22d3f45eb554da05682ee7a520cc1be6230034ea8800ae147a0fc36b5
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7709441be61c4cfa3325864862cff11c50901f96661b2ebcb6da64a09f7f989a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
788f136f92f33244c1ab40f543bda3b862a108fd4de27c80fde7c48cd9efe68a
7a85b539ce45276530dfde14eb3cc17ee9c47296e10925372ec6686ac73532fb
7d6a35c8f8a69f25057b8eefc0a890f7a6823476b902e8532946fd8cda259510
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8003dc5f77959bbb6bf2af53527cc944cb47e9e65181af3c0fb8b1047d27bd49
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92b795f065d15976b837b5fcd13ee6136368b21973f79168552b259c4f15db25
96d8a40612ca2a02e79f3f07e27bd131f06c5f47b720baf29bb023805ac93ce0
983de16021c17f275be68a5ad52f44a35b33d2cc6441f030c8e062550194f283
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b266cabd425115bb2d2e5832c8ba939a92ad526a85f8824214f932e3a32ed0b
9cd6213166c6e85ddaee06a24e846630d1483af28f90cd39e5d9a8cc18e9d2e1
9cfc12e2cbc2ac93a44399f947063682fd5309b7e50fe02ec8281d84fd6314b2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17abfd5c92173b46b4594760d74c781cc5980c0e9d445b5681c912ce8f9995e
a2861cdd2726765a764a2bbe8343375753764aeb8fefe576f54cc5984af7ae8f
a452acf8001d273742879922647377c935f4199529a52d25f0a833cb89325d2b
a8abd5bb1b92503c91d4cfd1e6cd8d0445a43aa245d54e86a2794fa36ec08185
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acf4f232f1c61e2391e84c41f78a8ba0b43f8079ca51c51eb3b2419bdf5e1e9a
ae234a759cd9b175241edfb3ca4de6483a6cc1ca1bf89866b277589b8b801a65
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b3c4ee94be481ed12d5f2d1177cf4c764693d3d303fafb71108f4d884810278a
b72c1bb1c06acfbaf7ba080e1db6595fb0bb506b4e76cf53b9032185763d81c6
b7dbc0844e6295605e93644c8cb0392dece82678820f41bf9dcf00f7395097e3
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
ba990d210a46a284b844dbdb766a992c13f56175f852565988930053d696600f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bedcdcbf2eeafd567f8da8d8ac3e5b41c663957db35b7f1a1f031ad3aa73337b
bf45f75ebb253ce0f46312b8aa05bc27bc1a0b4886dbe2d895dab3e1ac2a0d40
c0873d73a6bae4d769f82cdb200f19ca140420d3db611d9910adf325553d95a7
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c190d1bb7c06a1933dcc6f0a2043233ecbc2d2ce35d89d89dd7c3bf08c9f7831
c55975a0bbffdf56902ecc632326120309590360f83567ebdc5dddaab13c946a
c6afbe57870d3e51a7bfd29e577d13cfd54a61c4cdf002a65320d4e79870f86f
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8b687b97eee21e426bd2e2b66d93f848436b8bf885912ddf5f71149fbe62ce3
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419
cc00f8292c47dedce67b9ce7a331cdb880e0d5607a88faff4e19054f36c4a035
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
db1eb74451a0cac5115fb598f7ca439d6143aa1bd26c999bfe9889f6121514a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e43e7ee3857ad0a7ca00786b31032e1f556adc26f5b952134c9de3bdf5cf3552
e4edc9ac9637f25a5cce3615d640cbf4d621029aedfbec95a951e2a4f87ac2fe
eb1497c3cbb069ff26d29a104cb56e417f455431ef73994cc56911e351434859
ee91bc4735a8dad9eed8963eae1534f71d41022e4286cb5d85cb0f1b29503a18
eeeda2bd31a518bd0173fb2d54b22bfe6f24ff66347ed7f83e21d1bedf4083bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9214100f469276adac5738c9f30319c83fbfad8f063cb25c46e88972f126713
fccc29ae8321964360af5d03ab89ae855dee0ba4d19368bf5f1a358f78677ef8
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

portalnovonorte.com.br Open in urlscan Pro 2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

89 %HTTPS

64 %IPv6

32 Domains

44 Subdomains

27 IPs

9 Countries

5114 kBTransfer

11083 kBSize

25 Cookies

5 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portalnovonorte.com.br Open in urlscan Pro
2a02:4780:24:4c58:ec5c:daec:3c2:dfa9 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

89 %
HTTPS

64 %
IPv6

32
Domains

44
Subdomains

27
IPs

9
Countries

5114 kB
Transfer

11083 kB
Size

25
Cookies

210 HTTP transactions
7 data transactions