www.portalt5.com.br Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portalt5.com.br/
Effective URL:
https://www.portalt5.com.br/
Submission: On March 02 via api (March 2nd 2023, 9:33:00 am UTC) from US — Scanned from DE

Summary HTTP 240 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 48 IPs in 10 countries across 41 domains to perform 240 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.portalt5.com.br.
TLS certificate: Issued by R3 on February 19th 2023. Valid for: 3 months.

This is the only time www.portalt5.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
31	2606:4700:20:... 2606:4700:20::681a:16b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.76.9.107 185.76.9.107	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	2606:4700:e2:... 2606:4700:e2::ac40:8608	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:803::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
1	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	40.121.178.25 40.121.178.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 11	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	18.170.235.198 18.170.235.198	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	13.224.189.110 13.224.189.110	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2600:9000:211... 2600:9000:211e:6200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	3.122.123.120 3.122.123.120	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.30 13.225.78.30	16509 (AMAZON-02) (AMAZON-02)
2	18.133.166.146 18.133.166.146	16509 (AMAZON-02) (AMAZON-02)
240	48

11 151.139.128.10 (United States) 2 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

portalt5.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.portalt5.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:20::681a:16b (United States)

ASN13335 (CLOUDFLARENET, US)

portalt5-static.cworks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portalt5-cdn3.cworks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portalt5-cdn1.cworks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portalt5-cdn2.cworks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

v3.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

data.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.76.9.107 (Stockholm, Sweden)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-76-9-107.azioncdn.net

files.metropoles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8608 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:803::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

d.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.46.88 (Weng, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

ads.metrike.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.121.178.25 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.201.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.235.198 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-235-198.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.123.120 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-123-120.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-30.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.166.146 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	2 MB
47	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 221779	257 KB
31	cworks.cloud portalt5-static.cworks.cloud portalt5-cdn3.cworks.cloud portalt5-cdn1.cworks.cloud portalt5-cdn2.cworks.cloud	492 KB
13	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	631 KB
11	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	394 KB
11	portalt5.com.br 2 redirects portalt5.com.br www.portalt5.com.br	91 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35870 hal90001.redintelligence.net — Cisco Umbrella Rank: 276049	42 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	249 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8947 www.google.de — Cisco Umbrella Rank: 6149	1 KB
4	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 126734 osp-assets.pn.vg — Cisco Umbrella Rank: 149147	78 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 51787	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 49470 medialead.de — Cisco Umbrella Rank: 49025	1 KB
3	metrike.link ads.metrike.link	65 KB
3	denakop.com v3.denakop.com — Cisco Umbrella Rank: 413204	103 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	869 B
2	tradedoubler.com 1 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 89787 img.tradedoubler.com — Cisco Umbrella Rank: 86325	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	237 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	136 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	tailtarget.com d.tailtarget.com — Cisco Umbrella Rank: 79602 d.t.tailtarget.com — Cisco Umbrella Rank: 235404	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
2	metropoles.com files.metropoles.com — Cisco Umbrella Rank: 952322	12 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46652	3 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	340 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	440 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 730	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	465 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 114828	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40433	2 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 48696	629 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 132014	931 B
1	smrk.io b.smrk.io — Cisco Umbrella Rank: 237463	604 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	556 B
1	gstatic.com fonts.gstatic.com	44 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	2 KB
1	gblcdn.com data.gblcdn.com — Cisco Umbrella Rank: 299981	6 KB
240	41

	Domain	Requested by
41	tpc.googlesyndication.com	securepubads.g.doubleclick.net af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com www.portalt5.com.br
28	securepubads.g.doubleclick.net	www.portalt5.com.br securepubads.g.doubleclick.net www.googletagservices.com af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
21	portalt5-cdn3.cworks.cloud	www.portalt5.com.br
21	pagead2.googlesyndication.com	www.portalt5.com.br securepubads.g.doubleclick.net pagead2.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	www.googletagservices.com	securepubads.g.doubleclick.net af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
11	i.ytimg.com	www.portalt5.com.br
9	www.portalt5.com.br	www.portalt5.com.br
5	www.google.com	www.portalt5.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
5	portalt5-cdn2.cworks.cloud	www.portalt5.com.br
5	www.googletagmanager.com	www.portalt5.com.br www.googletagmanager.com adv.office-partner.de
4	hal90001.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90001.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90001.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	portalt5-static.cworks.cloud	www.portalt5.com.br
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ads.metrike.link	af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com ads.metrike.link
3	www.google-analytics.com	www.googletagmanager.com www.portalt5.com.br
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net
3	cdn.pn.vg	www.portalt5.com.br cdn.pn.vg
3	v3.denakop.com	www.portalt5.com.br v3.denakop.com
2	api.webgains.io	analytics.webgains.io
2	x.bidswitch.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.portalt5.com.br
2	pv.medialead.de	2 redirects
2	www.facebook.com	www.portalt5.com.br
2	www.google.de	www.portalt5.com.br
2	stats.g.doubleclick.net	www.portalt5.com.br
2	connect.facebook.net	www.portalt5.com.br connect.facebook.net
2	sb.scorecardresearch.com	www.portalt5.com.br
2	af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	fonts.googleapis.com	www.portalt5.com.br hal90001.redintelligence.net
2	files.metropoles.com	www.portalt5.com.br
2	portalt5.com.br	2 redirects
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	secure.adnxs.com	1 redirects
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	www.portalt5.com.br
1	ad.turn.com	1 redirects
1	img.tradedoubler.com	googleads.g.doubleclick.net
1	impfr.tradedoubler.com	1 redirects
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	www.portalt5.com.br
1	pb.media01.eu	hal90001.redintelligence.net
1	adv.office-partner.de	hal90001.redintelligence.net
1	b.smrk.io	www.portalt5.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	osp-assets.pn.vg	www.portalt5.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	d.t.tailtarget.com	d.tailtarget.com
1	d.tailtarget.com	v3.denakop.com
1	fonts.gstatic.com	fonts.googleapis.com
1	portalt5-cdn1.cworks.cloud	www.portalt5.com.br
1	cdn.jsdelivr.net	www.portalt5.com.br
1	data.gblcdn.com	www.portalt5.com.br
240	62

This site contains links to these domains. Also see Links.

Domain
www.metropoles.com
jovempan.com.br
politicaporelas.tv.br
blog.portalt5.com.br
pipocasclub.com.br
bit.ly
www.milkafreitas.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.cworks.com.br

Subject Issuer	Validity	Valid
portalt5.com.br R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
cworks.cloud Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
*.gblcdn.com GTS CA 1P5	`2023-02-23` - `2023-05-24`	3 months	crt.sh
*.metropoles.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-09`	2 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-24` - `2024-01-03`	10 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
smrk.io R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 31 frames:

Primary Page: https://www.portalt5.com.br/
Frame ID: 8084034139C920AAD28F0B634E2F6278
Requests: 90 HTTP requests in this frame

Frame: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Frame ID: 75C2CADAA32340D1B84E055A0F7F1342
Requests: 5 HTTP requests in this frame

Frame: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9638B1A00ADFB4047050BE716183BB1E
Requests: 1 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: C32CA4A6723E8EE5C8F46CC3E8C08AD3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: 883CF9041A29EC4C293882AAAE902FBB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7K1BfwKVW5vQJeTpPEW9ijBPCcxMyv20I1Lz9IDqURc927-5Tlb_wk7iAQAfvwzk0PSHzpX5t7gP4sS9PEYJRNs-YBoRNgtJlHYl9u2TIL12OyeoLAPxroF0KdockONdMVdY8I-xJx60h0QWgOLjdzgOX4AuylqDORD8pSnR2yjOdWEzI8wYY-Gx--VrxmC0wckI0Dt0k5rd8mZC2zC222_7w316SmATc7yIit6N9kcHRP08spzZghbgFAPT77hIr-p1li2D-eAWd7m7ow-l6r0ApLuwqkDzgLmzPR6wsOJoB7IP9QxoYov-JycD1-OjnjicwbKSvjdLMfsI&sai=AMfl-YQzUqmi6zgJ3UgCRKo5MAlZhkLLbfgewCwJibjVez-29FV1Bd6w66_UIz1yeJHwORXyanuEeU9lHuYLSNLHhftr0GzivOUwoYGErcqHMRkbDugNTr2VjeMEHCD3AFLBnGW9ZFr1rrgezPwuCng&sig=Cg0ArKJSzFx151Ugw7KcEAE&uach_m=[UACH]&adurl=
Frame ID: 0AC3D7A79D920DBD87080D632FFAD07F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqHkg86xGDeXUugxIUKGb6qa22NaeaNmhq6K7JFulrh9mN-9goMTtDHArIXdlawYqU2cpnLZe8wkjSfrZCUNEz1RRUavz7NdpfkpQscV9-Q4WvOQl5Kp2snUsPMdFZFni1j2seOa2Pdm3cD2c0-iaeKctepZ1B9uVZY-tfKudTpLdxv88RR9XbFczV573hvbG9H9RehlMQ37gCOX_zy_kc5vFZts0GKk48j5CxV8vaO4SXdkvpctvNTvA8RfxLWuyckIf-7Kd_E4KazMNfkGB2c61epftfD33LkKoFoNnpPLN-9gs_IMem-tggn_fAd8m4WZ5KMgDuq9BWK7J2&sai=AMfl-YTeVKGcCA1XxPCfa3NExeVM2IxD1ai3N8e9shoPun6W3Ef4LcJpXoHVbMloqiHQ-Yo-9OWGTPkPTVXm1z7oOz6y22KkruEdlLybCARrxv4NTYqGF8vOOStZJ6sqqVqdQV0DVwpYJfjUUcY1wrM&sig=Cg0ArKJSzPrLbbmT823cEAE&uach_m=[UACH]&adurl=
Frame ID: 506A81328F324CA7B9DAA265B25BE7A8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMl4UTyzjPKZpydHBI_mbpDvnI9Az0obUykZHh7eIneqSjSDbr4zwKBqJWRxrVdCbqccVWZc8_bnubiaqKA5Tt-z0rrPZm7m_jvzw4nQKwpu_I83Rk2tYRu1ZFWXrSO8rbRa1NyvRaympDJxVkv2MSWvVDKxvpUfbfRqRxo0IePKajuDDJdcvN5UTToayL-eb8n_6fA9LNbed-Xb1hyqmtUf9nIC_71hXksJaJNk1o2Gjj7wfJdUT10ZvW3bvXjiR1WGBMHyXZ1-WMNLQ9hxaEZFZBM07IK7u0_PN1LpK8JiWOPZxMb0_EyFzjdGfNOKgB9R7yVvjfMwozR1Kx&sai=AMfl-YQzBi_9wO8dTphKD6-8MILev919A4RvoZc9ZlFzE825BBzMLkjpnQByK0yMzxNyPH_-YmZV2lb-gqSh8MPNDR2XlNiHA3qFJY6-Fx6czl-i8PiP8w3W9OCQetkLBjMTycR1CSyUszkmsD_301k&sig=Cg0ArKJSzCP_dvRioqJ6EAE&uach_m=[UACH]&adurl=
Frame ID: 970075BA5D7B8387835FB170B5B59E14
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0C162r0umhVi4YkizM4CGQlZ5zw2gcTk4yrFcR7ZUcT9BxmCXo6pXmJv0tkMys1jVtmzRmiu-j4qBGIPbNhbRP9Qx8oXesHqLadnp2-kua_-2REcRVo5gsNjY6WiAqJ5yxcRU2szKQxrvr6wJp-C-SvcjVyL8ofp-cJHnR4yhNcZU6q5cSTRaDVjbEjrm8vpjX1km4O0e5pEo_k-DvrkhcMApZYWn4YspVbns-k0CSdnf7wQeluvavD-uIilrbJzfQCyx5kmAhwlPC01dNRlhYRg3dXAq1bU-F7jJeNdCbOaSMRCPfCV7UMnZB3max0e7PY6QUm2tIy1n0xYY&sai=AMfl-YR-aNEe84LWbX5lOCzUaKGG1Qa21ChLOHpZdtRipaEL4pjtaALDafNgivGcHZe8YYYQNOfWR0lnJgGWFeWAdbgqgiGMR2MRNlojmbTLnK5Ub9S6couWBcEP7LO_WJdodE9p0TDHgUDFQw6PDCQ&sig=Cg0ArKJSzH7E5Llgrli6EAE&uach_m=[UACH]&adurl=
Frame ID: 383BFB8D96781F6F281CAF45759486C1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_Eq2MIR8UfiBn_fwsJj2PwSvxvt7RO-9lnoEFeHm7-QKgtG7SSjXo059GkWFbtPHG84XgeZX6IZxcIBd60074EP1Yv0fApLzuKK6nbAvGIku8FCebEtpCZNrwY9mztfZJ-2TabE3JN36idzgWQqnDuG4YvHJNIBrV37jGHW-arPdCbc-8Ae--Udj_gNTQoQSkRHR3iYwwa584CB8VpsXKo5eRGAq3uBGvJAaBv73c1jdEuGhie16zKedMi2O6ilMUvMXumX_9eASV08vV_hJEr2jO4BOF5ru9KMCIDYV3Jie6Z3sDFRBuObhqmPNXKCUSZdVFmmRupyxbatsy_ZHyV9bTL7pWOYqh&sai=AMfl-YQPJqPS6uuc_TnK2wk7e2IgGeSDc_1epopRpFqSUg50WP-rto0f2Fz0-sqxcCNfrL0JJJx3Luhah1sgx_pTxrm0iUoaB_SvGcAcHpECG2Y411mZl1lf9LscC1miMFvi5hnrESLD0bsTK1xwCqE&sig=Cg0ArKJSzDC8hEplTBb5EAE&uach_m=[UACH]&adurl=
Frame ID: F89443DBD633B233FA82F229255A6B09
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9bbP79s9jK88mmNWTVMbuKHVJ-2TQC1_-HqhRJTJMboopAhRcgik17kT3AIvC08UPABwObnyrLjHot-s3NqZV3OjgVVsyYKPhtNrWgnpsVPjxEmvli37eyc7K0E4ULhNlrVSIoEfZJSSk9Qtvl3MLXhEQXhIKVJCvHEFESj7Xq5BrIx6-7BBtWLgSqA28Q6Z-zoEhgwiias5_7Udp75PusQriMYfhKf1GCMv-ma_W0dWRE_wRNgw_AdJdJ2ahmGlUavNtJudZ_KcFLDC2-7IN7HKHKbwA3e-nhRjqASBFw2eWLCVpGTY9GyT5WLXHWcyLDNzszXewBMxaLpRu&sai=AMfl-YQ2xya7xyfQoApIuXRe05rmNWbMmHBnu3MMa9WB5j4oNC8ScYxXFJ3zWKJFXaXSoksOJrZ2yO5SxzHl2880HCtDsp1QnvP30kD0jSk9c16YFQPwPJCwGRWITc85yqYQHE5GnMQU64PtmmkibLo&sig=Cg0ArKJSzMzBC-bjBf68EAE&uach_m=[UACH]&adurl=
Frame ID: AABAB0C54D4634D74D870B16F9DFFB0B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9LJSFUoPAGlOoPcz0165xNm4rWJEk8MBcy3b7C94VBb3mD_fzY7Jr6nbGfmSMN1ChRr_6TxXL1B92XPcWpA35upH6ybXtMYApeAszgcyNhcz3qTj7Xlas8AWsJ_2THViQMXaxX0Ra7v4yZfxzXjMf2ZrqML53kgMoPTLmIhjfiqFqsXguamA2TtXiG21rq4NfcmslKTbojzclKCcsSFhj99GWhmSiIDHpMIA1-fIC2G_r-LI1kVnDk-_yj9VOC9jpuRuTA4NGRLa-Lm47YJiDsu-aXWyWf23XcCv1sFAs_cJEBNJjdPXD1ke2depQxZpKOAwv7KNEt4x6xKGl&sai=AMfl-YQAMDaZIJo9e308oN5I-yHk0Nh2UUodG5Wy6eK2NfvIMH_GVAFcQUCLiv8VpMssGDpwfy5m8091XF1-vu6wM8rB_VGa-NAxKV8X_DuxENoc3aZ7zXrtA5LzJFdPdP-OR01Nfd6hFeR3S2FZxPI&sig=Cg0ArKJSzJhNKJGV1Pt0EAE&uach_m=[UACH]&adurl=
Frame ID: 380734A84702CE3E1D0886F18476A071
Requests: 7 HTTP requests in this frame

Frame: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC927BE7444D3AFF40EE924947EE2AA7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_WBw8jTItqyiV_Dy2aKsu2tog2Zoc7mSYoGUt57OsNM-54pXg2Nc4ocq3NANszAUouMnEaxuCcNLTRC3ehILBIrjrUY6ok_zVaJsM2EC4Ee-siVJaQ2FAcp7TnROlLqtJpFmO6ZDW3Qklc1OfAcb6Dxl5Y5rjyIPHTb5Bmm9ry4puFdrFRJbe7QM4g8_oPm3krP6XHPLjnqpvkU0avGviwLqUov7tG9j-8Rcl3JcfOAzj1bQHSpgWcCz-NRngdUynyT2i75Haufn0CHkjezKDrCcSRZTOE1yowcgOUx3aeNRLCYEkourde3_3F2a6K-4kH17mXZAscYDumFKZ&sai=AMfl-YTNEodsQxrUkHXRTDeIzfXk4Tfx-0Q5XVaHnw6WF8DUmN3UzAxd53BjXHkNXbeH7y2Xbl4g5SIu7OTrKonRNuGz3vRtK0qgFjNRn-NdlFQTdlDq_Su-5FDXflfbEO54gyQ2kjo0gCdDoeJmS9A&sig=Cg0ArKJSzO3F9dxyKetdEAE&uach_m=[UACH]&adurl=
Frame ID: E5529E2F292C3FCBDD1EA95C96F7578C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-uToZFZ4BOhUSYOd87rspctgYc5JC3quhrpH-5cCjT02mjOm0cgaUo7JNzWQ7MjMYjbwOcD_hnfzgiOGKKDi_HYaQ6nV3x0jdg_trsJGb3DOTG80c3_PumOPCNqB6G_256Q3DfFV55RtHEwkCkNPtkZIzB9qztPiz27HPQCQ8xa_3gbGyPVp1rPfd_oyxkyNOEBs6xcTey2twOCnYcHFJ7zabGlIT_YHwoXIWsFdd7zyqcRtMnGIJn5tdSH1h_0pHGjVy1QRmV9LBhI5iFF5EPdG6S8ziWLNFcpTavuQfBg_knq7kqFtG1vtjlZ4CVe5-OmfEoC7IQtkl1i8XzY4nqvtt8meg1pl-htcAoOPZmj8r1AnpEg&sai=AMfl-YQI9ITXnPhklhHAktEttYuHfhE8oCDz_VMy-tseSEzblLQVu2ipzeOf_N8GKzshmkQ_12lecAGqy5GrIMeZAZq87_mF9wE09YMHvzhk0NacALr6mh2Wezow8I8kPUjauiMKT2C0jUjCQYsHi-A&sig=Cg0ArKJSzLmRqXbj4axHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 82D0B4DA0B028889DD44E845809D3A63
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2wUvDgiOwfWdloXl3jvll2NTz_sLqrl79ItUetLWATguq1tz6RIRRhG6cas_RuTvdzbs8jlQhIMvzlYbSz1gzVWD568gerEgOhUN63nnQmJMzOcdkhC795B5MhfC94sEabrEDNXyIAyd1vVAC_vi3vAb6Pf4485UET9AuMG1YxUNXhB5BBGeRjZtf-kyZLT0PTdzh68-g5Sid3ZMRgpGFFWM0YEe6D-t4guvcz_bDx-HMFKOPOtgbF8BYqXweLuGq2soHpoU8DCmLPeIyVKXBejldAk8JkvhfPQxSTDQ8uS4ahmcjUcx2ffM6O1C8zmR54FLUCgxH8Jki-7HDm_VhzL8&sai=AMfl-YTmQs34ksoPQYTGh6nlsXX0ZIabpltBCdZUCN7o3MwKs9PA83t38RdjYArwGVOz17M76v0tZfzS15AhU2bIj_m2LtlnxUyYia9llyS2iCLJXp5oPFEM1AY1_Jfzetbn5_CUI4zxRRPgo6LZZ1U&sig=Cg0ArKJSzBq80UQhkqg1EAE&uach_m=[UACH]&adurl=
Frame ID: 7584C92CFF4F5EB3FAF57D730B784BF9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZXyjOdXfZrtHJMKGyfx2iqIFbZotNyMXeBUcskplRJ5JODxHo9mAguN6zrk9gL9qOyqEhjsxBt9qz15kTK0iWVWKqQede7SuJuSZQ4eGXuJxd3V4YyDzqiqNqhH7BwJig3l2uE2rNM9e-pOAZcMb2dYe1pk78QZFEHIzPFvzky-WJnXiEeSloB31nMyzCMK-cMm1h0g06Rkgv5h4BY9odLjqLo3VAeEMn_P_UwVlZi_TuXrvvFulx2ORAKmVKSx9k1dlVZIhJ_kRczCuCOSb_SlsqysUvMtJNxB2-AAGbrM--rZ2NYnsDvE6F0JyMvaDgHc9RG_nUbj3nPhpzB7M2MFU&sai=AMfl-YRs2qyGLfdRWKiugUqs-f1IR5va0idpH3Zczb7_Ek6aDpr1367Nq5CkDd7mRXvYG4Z7ZjN26ywO3jiA8JqL-93cvTLYF2C8e7E3JA32GBvPZM-sMgQctS3Jwg-8bk1VJp9FJIS6p8ChDOQiO6c&sig=Cg0ArKJSzAaBpcw81DgPEAE&uach_m=[UACH]&adurl=
Frame ID: EB34BF354E94B3B6EA283B5816BD97CD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Frame ID: 7F01075CC1290ECEF5DA0BB05CEC7E63
Requests: 22 HTTP requests in this frame

Frame: https://ads.metrike.link/creative-181570-3749666/728x90/index.html?clickTag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&clicktag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_location=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_zone_id=481283&__ab_zone_name=728X90%20-%20ALPB&__ab_publisher_id=98937&__ab_publisher_name=T5&__ab_campaign_id=737509&__ab_campaign_name=ALPB%20%7C%20ESSA%20CASA%20%C3%89%20SUA&__ab_advertiser_id=156990&__ab_advertiser_name=ALPB&__ab_banner_id=520934091&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: CD7630A18586BC35999A45A448263472
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPvdIPZOFuXxmMC5LcHIyUX0SmzEApSZTW-AOrEA8TDdbC0czk6oicyMFsCBbJ-FIXnuBgw9ALA4BqofL9k7LCeaLGsYPaKmZYy0wqPEdC631KK5H0imM9afz7hBEht4coNd0BiUeGno-tTk87buPuc5HIX2EKvh_pvZ0b9itApt7gNIY
Frame ID: C2CA74AD4CCC5C3FFCAF7183283C32AF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0FD2D5BD9DCBAA65D40B6E835BE7F87
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5CACF54652340B158D99CC59AAE81D5E
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27866400047317204444550012251001&actionid=981741&produktid=&dt_url=
Frame ID: 6042513EB7BA4DD6461FFCE67C4672D4
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045
Frame ID: 54CAE2029350EC34C311838AFA50857C
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Frame ID: E9192BC65820B5824710B7C520D9DE78
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9EAEB23D9277063AC613084DDB7D2C4
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 714184760DF6C539AB43890514D0D6D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C317D7E789BED72FA43E55CC0059C351
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 383B4FE283EC69E7ECDE5850FF87B960
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80F766F58490A36B5A30D8A464EA594D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D8D488F18BC6BEBFD1FE6B19295A5CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal T5 - Últimas notícias da Paraíba

Page URL History Show full URLs

http://portalt5.com.br/ HTTP 301
https://portalt5.com.br/ HTTP 301
https://www.portalt5.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

240
Requests

94 %
HTTPS

49 %
IPv6

41
Domains

62
Subdomains

48
IPs

10
Countries

4434 kB
Transfer

9751 kB
Size

36
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.metropoles.com/brasil
Title: Brasil

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/distrito-federal
Title: Distrito Federal

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/mundo
Title: Mundo

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/esportes
Title: Esportes

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/
Title: Metrópoles

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/entretenimento
Title: Entretenimento

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/celebridades
Title: Celebridades

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/ultimas-noticias
Title: Últimas notícias

Search URL Search Domain Scan URL

URL: https://jovempan.com.br/afiliada/joaopessoa-fm
Title: Ouça agora FM 102.5

Search URL Search Domain Scan URL

URL: https://politicaporelas.tv.br/
Title: Políticas Por Elas

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/nemteconto/
Title: Nem te Conto

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/autoplay
Title: AutoPlay

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/clapeclapeclape
Title: Clape Clape Clape

Search URL Search Domain Scan URL

URL: https://pipocasclub.com.br/
Title: Pipocas Club

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/t5imoveis/
Title: T5 Imóveis

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/tjpbnoticias
Title: TJPB Notícias

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/vaiorganiza
Title: Vai, Organiza!

Search URL Search Domain Scan URL

URL: https://bit.ly/3vFxp7h
Title: Do Sertão à Europa

Search URL Search Domain Scan URL

URL: https://bit.ly/3cQNVbJ
Title: Educação no Presídio

Search URL Search Domain Scan URL

URL: https://bit.ly/2OO27ug
Title: Vida com Microcefalia

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/clapeclapeclape/2023/02/28/labuta-filme-sera-feito-em-sao-jose-da-lagoa-tapada-mes-que-vem/
Title: Clape Clape Clape ‘Labuta’: filme será feito em São José da Lagoa Tapada, mês que vem

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/nemteconto/2023/02/01/emerson-junior-goleiro-do-internacional-posta-nudes-por-engano-nas-redes-sociais/
Title: Blog Nem te Conto Emerson Júnior, goleiro do Internacional, posta nude por engano nas redes sociais

Search URL Search Domain Scan URL

URL: https://www.milkafreitas.com/post/cheguei-nos-40-anos-e-n%C3%A3o-percebi
Title: Milka Freitas CHEGUEI NOS 40 ANOS E NÃO PERCEBI

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/vaiorganiza/2022/12/15/desapego-de-brinquedos-para-doacao/
Title: Vai, Organiza Desapego de brinquedos para doação

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/novabrasilmaceio/2022/11/18/professor-lanca-livro-sobre-estrategias-da-comunicacao-nas-disputas-presidenciais-no-brasil/
Title: Nova Brasil Maceió Professor lança livro sobre estratégias da comunicação nas disputas presidenciais no Brasil

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/autoplay/2023/01/09/toyota-prius-ganha-novo-visual-e-novas-tecnologias/
Title: Auto Play Toyota Prius ganha novo visual e novas tecnologias

Search URL Search Domain Scan URL

URL: https://pipocasclub.com.br/2023/03/01/noites-alienigenas-filme-vencedor-do-festival-de-gramado-ganha-trailer/
Title: Pipocas Club Noites Alienígenas | Filme vencedor do Festival de Gramado ganha trailer

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/tjpbnoticias/2023/03/01/corregedoria-realiza-inspecao-em-cartorios-judiciais-e-extrajudiciais-da-comarca-de-soledade/
Title: TJPB Notícias Corregedoria realiza inspeção em Cartórios Judiciais e Extrajudiciais da Comarca de Soledade

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/abrhacao/2022/11/01/o-valor-do-s-do-esg-e-o-papel-do-rh-na-implementacao-de-acoes-sustentaveis/
Title: ABRHAÇÃO O valor do “S” do ESG e o papel do RH na implementação de ações sustentáveis

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/t5imoveis/2023/02/22/direitos-do-consumidor-sao-afrontados-tambem-no-modo-virtual/
Title: T5 Imóveis Direitos do consumidor são afrontados também no modo virtual

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/secuida/2022/06/02/se-liga-na-dica/
Title: Se Cuida Se liga na dica!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portalt5/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalt5/

Search URL Search Domain Scan URL

URL: https://twitter.com/portal_t5

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TvTambaupb

Search URL Search Domain Scan URL

URL: https://blog.portalt5.com.br/nemteconto
Title: Nem te Conto

Search URL Search Domain Scan URL

URL: https://www.cworks.com.br/
Title: Desenvolvido por

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portalt5.com.br/ HTTP 301
https://portalt5.com.br/ HTTP 301
https://www.portalt5.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 184

https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css HTTP 301
https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css/

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABtR6x-N0jVXl.TjYLPFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFu9go5uL18rQkz6yTSXWM8&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D

Request Chain 200

https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 203

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27866400047317204444550012251001&actionid=981741&produktid=&dt_url=

Request Chain 205

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045

Request Chain 207

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 208

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(27866400047317204444550012251001)273820513 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 215

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1&google_push=Aa02lx-Qu1QWO9RIO6fhANPvRxgaYp-RJ0n1zneKFaY1pvGVp3-vHQ5ZjfDXGuM4ikeI8uD0pn74EINDhsTNr7veMOB_VIE-IzXh5cxc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg1NjkzMDYwNjIzNjg3Mjg2NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1

Request Chain 217

https://um.simpli.fi/gp_match?google_gid=CAESEOXHpsBlXl6-IJDFGPNX4eE&google_cver=1&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7A1VBxMwBMvAraJM5z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=956DF9C354DF4C9684998AECFE457152&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7A1VBxMwBMvAraJM5z

Request Chain 218

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlis19cwyDUUzKlm2_Za_k&google_cver=1&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xnc2FTq0GO3IUbk9Qq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xnc2FTq0GO3IUbk9Qq

Request Chain 219

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ6cjGBDkzqOM2V8SXFdGUc&google_cver=1&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6qARAMTvAZ8DqAySAnYT2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6qARAMTvAZ8DqAySAnYT2

Request Chain 220

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC9NWzFUIJ1ed3KSkyQ5LTwzf8zIM-fucJrFvOJia7M70J3P-E13iqrrXKqczGhp31efLIQmkliiM1Dn7DvX8G3CTFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC9NWzFUIJ1ed3KSkyQ5LTwzf8zIM-fucJrFvOJia7M70J3P-E13iqrrXKqczGhp31efLIQmkliiM1Dn7DvX8G3CTFw

Request Chain 221

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSCYy35JTnchBKD2mJQnIQ&google_cver=1&google_push=Aa02lx_rjZD69Gb5BtFPCVwwKX4PHX4yAyFkjrzaZZMwpOeDn6FKEf4OVhsZnP4KRokREa4MmuXnNy7IMKxRKkavU4gBMdAS-Ll9vSpWAw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSCYy35JTnchBKD2mJQnIQ&google_cver=1&google_push=Aa02lx_rjZD69Gb5BtFPCVwwKX4PHX4yAyFkjrzaZZMwpOeDn6FKEf4OVhsZnP4KRokREa4MmuXnNy7IMKxRKkavU4gBMdAS-Ll9vSpWAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffb36375-e7be-4937-bc1c-386814b41908&%%GOOGLE_PUSH_PAIR%%

240 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.portalt5.com.br/
Redirect Chain

http://portalt5.com.br/
https://portalt5.com.br/
https://www.portalt5.com.br/

292 KB
59 KB

1414ms
1375ms

Document
text/html

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

ef44290c548dfb9829dcc24820136bf86b6e24a4593414d668ddfbe83d920017

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains always
X-Content-Type-Options	nosniff nosniff always
X-Frame-Options	SAMEORIGIN DENY SAMEORIGIN
X-Xss-Protection	1; mode=block 1; "mode=block " always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: SAMEORIGIN https://www.portalt5.com.br/, www.portalt5.com.br/, https://portalt5-static.cworks.cloud/
age: 2
cache-control: private, must-revalidate, max-age=120, s-maxage=120
content-encoding: gzip
content-language: pt_BR
content-security-policy: upgrade-insecure-requests upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 02 Mar 2023 09:32:51 GMT
grace: none
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
server: fbs
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains always
vary: Accept-Encoding
x-app: portalt5_node3.portalt5_portal #0
x-cache: HIT
x-cache-hits: 1
x-cache-time: Thu, 02 Mar 2023 09:32:50 GMT
x-content-type-options: nosniff nosniff always
x-frame-options: SAMEORIGIN DENY SAMEORIGIN
x-hw: 1677749569.cds317.fr8.hn,1677749569.cds136.fr8.sc,1677749571.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1677749571.cds136.fr8.p
x-origin: web
x-varnish: 2429701 4372682
x-xss-protection: 1; mode=block 1; "mode=block " always

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0
content-length: 0
date: Thu, 02 Mar 2023 09:32:49 GMT
location: https://www.portalt5.com.br/
x-hw: 1677749569.cds317.fr8.hn,1677749569.cds136.fr8.c

GET
H2 200 style.css
portalt5-static.cworks.cloud/fileadmin/sites/portalt5/css/ 223 KB
32 KB 493ms
440ms Stylesheet
text/css 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalt5-static.cworks.cloud/fileadmin/sites/portalt5/css/style.css?1675875516
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c967e406e8193fe0a18b3908d6ff3fe42f6a2dc03abb76eadd3faa17513e4b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=229547
grace: none
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Wed, 01 Mar 2023 13:00:10 GMT
cf-bgj: minify
last-modified: Wed, 08 Feb 2023 16:58:36 GMT
server: cloudflare
etag: W/"63e3d4bc-380ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6FkVZiW%2BAXxu2GII6bXhwCQk9DXJwHo14GNOJP57VMVJGAQGy1fH9xxbrHy3SH82ON8igovgfQVwhXuUImfOrOFozIbcgqLhbMGe0XQEDLwwZ%2BU8sOfH%2FQd6NM5udBfM%2FGjYEB3y3jejX%2FSrOM5DelWmiskWHlbd9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 104047803 99448042
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
cf-ray: 7a18a2856e46925b-FRA
expires: Thu, 09 Mar 2023 09:30:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 229ms
81ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26901
x-xss-protection: 0
server: sffe
etag: "1498 / 814 of 1000 / last-modified: 1677711908"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 146ms
117ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0c28534718d1daa630d3b39a40a00d7164d3c3d938d0606522aa2cbb45c5145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48035
x-xss-protection: 0
server: cafe
etag: 14415613210022529412
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 denakop.js Show response
v3.denakop.com/ 60 KB
19 KB 155ms
113ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/denakop.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf36f5ee3b211c138d24511daef077a9e6188f9d7536b88e0fa6caf64dc173d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 17 Aug 2022 02:19:31 GMT
server: cloudflare
etag: W/"62fc5033-eee6"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7a18a2887e8b9211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 10:32:52 GMT

GET
H2 200 hystmodal.css
portalt5-static.cworks.cloud/fileadmin/ 2 KB
1 KB 501ms
448ms Stylesheet
text/css 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalt5-static.cworks.cloud/fileadmin/hystmodal.css
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62545b662826a9d6fcf2d5afc6fa3630d33cb1abcd6fd51963267c9d9717f6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: none
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:51 GMT
last-modified: Wed, 20 Oct 2021 12:55:32 GMT
server: cloudflare
etag: W/"617011c4-8f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B5Zm482fwhC%2FO31JIBXsMhpL0KN9a2h5Wt%2B3LAexR9VqNR4kqaT%2FLpsAfcddCt77YA1yXZ1I8nPhqBs1cBPMv48906scp%2F6FRE8KNMCvSSDtvKvXa5Zt44VSbBynu7DqNlVPy90xeWYA1CM689NmGGiM8DNCR0%2FZe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 977962 4372609
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
cf-ray: 7a18a2856e48925b-FRA
expires: Thu, 09 Mar 2023 09:32:02 GMT

GET
H2 200 pastoclockp.js Show response
data.gblcdn.com/data/ 21 KB
6 KB 53ms
19ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=07299000-1de7-11eb-8069-735563ddbe85&pid=unrlyyuhxxs&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: w.Gf85prZuTFkJVjfHHqOj9vtPXeqD6H
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42043
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 Jun 2022 09:39:02 GMT
server: cloudflare
etag: W/"d38eebc021752f86f15983ab1ffaaf45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6byDad2ipdg%2FD0IE0XeJfpx7LlNnvroZuaFsxLFSDwjYKC1uR3VMI9mttHnsZdmfVzVboG1dtrJKAqeMGVrVaXUWfPrdIN1nVpozuApllLDKVxXkZzASTJi5n40KNuCdlC7lwgsaQvs07PyMRkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7a18a2887ecf363b-FRA
x-amz-cf-id: wWAZgul_rePBL4ua3v1K30jATSbRCtsC_f3FH8zwVqgjyuPVNNzHow==

GET
H2 200 script-no-sticky-red.js Show response
files.metropoles.com/header-partner/ 908 B
1 KB 1145ms
24ms Script
text/javascript 185.76.9.107
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files.metropoles.com/header-partner/script-no-sticky-red.js
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.9.107 Stockholm, Sweden, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-9-107.azioncdn.net
Software: UploadServer /
Resource Hash: c6b82564455b633f4c1fa04ca8249d4a241ae71e2f0942167664413e273f5cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
age: 0
x-guploader-uploadid: ADPycdu2dp0V8vKJ0eGZ0P5sMD_vzrEUzH4XbzjI6TLuOxgRnFjVuyywR7CfrDKPnIjSubbxfyPnMv4-nMU4sagUmXQTGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 908
last-modified: Tue, 27 Jul 2021 21:22:05 GMT
server: UploadServer
etag: "f1cf4ac5c8aab44d87045264942279a1"
x-goog-generation: 1627420925771672
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=1w66lQ==, md5=8c9KxciqtE2HBFJklCJ5oQ==
cache-control: max-age=2330060
access-control-allow-credentials: true
x-goog-stored-content-length: 908
accept-ranges: bytes
expires: Wed, 29 Mar 2023 08:47:13 GMT

GET
H2 200 csm_tambau-manha_14bfaf0796.png
www.portalt5.com.br/fileadmin/_processed_/5/e/ 5 KB
5 KB 903ms
902ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portalt5.com.br/fileadmin/_processed_/5/e/csm_tambau-manha_14bfaf0796.png

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

0514d4b5295c88b8a6b6df74c5101aaae852ca153bf7d0112a9064ef46171148

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-origin: web
age: 113
grace: none
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 5372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2021 03:00:03 GMT
server: fbs
etag: "5ff67933-14fc"
x-frame-options: SAMEORIGIN, DENY
x-hw: 1677749571.cds317.fr8.hn,1677749571.cds326.fr8.sc,1677749572.cds326.fr8.pr
content-type: image/png
x-varnish: 4532460 818895
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=120, s-maxage=120
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 52ms
25ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Mar 2023 09:32:51 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4321
x-jsd-version: 1.16.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1256
x-served-by: cache-fra-eddf8230114-FRA
x-jsd-version-type: version
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c26b31b3-e026-4f95-b46d-42a81eb00650.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 51ms
17ms Script
text/javascript 2606:4700:e2::ac40:8608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/c26b31b3-e026-4f95-b46d-42a81eb00650.js
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51597c65d273ecc65ae1654cb9fdfe36c6f92b4b5ca6f7479c756200a764d649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 5158
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 14:08:51 GMT
server: cloudflare
etag: W/"aad29e64a6d04023832ac57dfe592c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj9f6boB76oHHlNucgTj47iPmKxNUEQFyie1OmNEIzjTW%2FUJi5IVDAcqRmVRdEbZXrXN1YoAN0cJwO%2BYALghp%2FqEqDHv6fxMJZ9K%2FU99lFScHh8ixHrpcuX2KBzVfisyzsrqTpS%2FABo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7a18a2887b873802-FRA
x-amz-cf-id: UFqHIPpxKXrt2RYsBA9ioLjO_9qLxatU4NmCTZHBJhBX9Tk89NsFGQ==

GET
H2 200 all.js Show response
portalt5-static.cworks.cloud/fileadmin/sites/portalt5/js/ 207 KB
64 KB 848ms
847ms Script
application/javascript 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalt5-static.cworks.cloud/fileadmin/sites/portalt5/js/all.js?1671216159
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff6616e7860b8c9e71353a71246494cc9f4e8b96cd7c797c432f204c377d1485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: limited
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
last-modified: Fri, 16 Dec 2022 18:42:39 GMT
server: cloudflare
etag: W/"639cbc1f-33da0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPHEJmIyIlPNuo2CJYr2xLp2NZA0urm08o1j2%2FTJ%2FvSFXPnX7G7vbjaKJv%2BbrSxwtPUX5hNnDuJ6QwmUGpTF0f6v89Wn7LbeAQsjxW26U6ufIXFHtmfJrnG7JqLXLIPX%2BLt4UceWCba9mCH21luoAxCZBhj8rQdKIfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 7427454 3024832
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
cf-ray: 7a18a28838fb925b-FRA
expires: Thu, 09 Mar 2023 09:30:25 GMT

GET
H2 200 Lozad.js Show response
portalt5-static.cworks.cloud/typo3conf/ext/cw_base/Resources/Public/JavaScript/ 69 B
516 B 436ms
434ms Script
application/javascript 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalt5-static.cworks.cloud/typo3conf/ext/cw_base/Resources/Public/JavaScript/Lozad.js?1671216160
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9e9a5bd46e1a40a0b3a6a2ce0045fe1e913fef1d4d08d422d4a780d8e2a7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=85
grace: none
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Mon, 16 Jan 2023 08:38:12 GMT
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 18:42:40 GMT
server: cloudflare
etag: W/"639cbc20-55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13a9vxTl0ZZnLkBPgFZKP5BDrRZFoo18dfdvT3WtoRNiFgRXgb5aeNoY0o4Tz3OpQjr1mob2eLvaK9%2FWC5svPe91I5fenR7sBYKK7JJeq9wkBXixDyi63FQu15SLHNZrKB7cfYbbIAXhQ%2Buz6uw2H7OVjpc0Gd8rKiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 120351973 119223418
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
cf-ray: 7a18a2883903925b-FRA
expires: Thu, 09 Mar 2023 09:27:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 96ms
70ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=optional

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70c389dd3f494ca6669f3bc6bea2a41d4776f6e0ecc5cc6d38d06b24fd5aad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
49 KB 151ms
67ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KG4VNH

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a138763591ee6a8f71261b26449b10a66ad88e0aa197273c1766493158d8033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49567
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
40 KB 146ms
62ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GVZ7M3

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a83dbe22335e9b198def2444145a4f1686a9bace8a69652f4e6213c4061b629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40200
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 / Show response
www.portalt5.com.br/sbbi/ Frame 75C2 25 KB
11 KB 25ms
24ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf&sbbgs=h4da341fcdf72064e33ee1a4fff119519b40&ddl=2
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b4e4b4344c251792e104d42b6da979ffbb1174a0aa29f4911bcb5b8885357d98

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:51 GMT
server: fbs
x-accel-expires: 0
x-hw: 1677749571.cds317.fr8.hn,1677749571.cds142.fr8.sc,1677749571.cdn2-wafbe03-fra1.stackpath.systems.-.i,1677749571.cds142.fr8.p

GET
H2 200 /
www.portalt5.com.br/sbbi/ 43 B
168 B 23ms
22ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=utMedia&vii=bh94fd0a23b421ff6cfd8f87e2406694eeb3234ece910af4bfafff9171294531r9mbi4u0
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Thu, 02 Mar 2023 09:32:51 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1677749571.cds317.fr8.hn,1677749571.cds122.fr8.sc,1677749571.cdn2-wafbe03-fra1.stackpath.systems.-.i,1677749571.cds122.fr8.p
content-type: image/gif

GET
H2 200 csm_logo_desktop_4542162a68.png
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/8/8/ 9 KB
10 KB 454ms
436ms Image
image/png 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/8/8/csm_logo_desktop_4542162a68.png
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eafb6adc2f3b77df85dbaa3c0417bc80138bb74243ecc9d319e077ff85868d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: none
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 9498
last-modified: Thu, 10 Mar 2022 19:50:54 GMT
server: cloudflare
etag: "622a569e-251a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu244kOlCY5IyaqtAmfaIRF5Bjaq0IuTa4L83hzfaP7IcUCIjsU%2BOofgYfwjnvpC9AkrfnvbUOstsXa3Ma4oJaT3THVWOgrE7tvrQIox6cMaVHvWPkn9QpCT6rbcbSgyUQafKIfsp50SOQZPnTZOYA4JkNIm3Wg8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 841846 4149255
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288895c925b-FRA
expires: Thu, 09 Mar 2023 09:32:04 GMT

GET
H2 200 pubads_impl_2023022701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132634
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 05:39:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
107 B 99ms
52ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.portalt5.com.br

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b51ddba4a6e1e3db4688f9bc841f52462f4e382452a9022f7fca36f7338aaa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:51 GMT

GET
H2 200 csm_apreensao_de_drogas_Mandacaru_-_Reproducao_Policia_civil_3679b2fe7c.jpeg
portalt5-cdn1.cworks.cloud/fileadmin/_processed_/b/d/ 28 KB
28 KB 661ms
641ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn1.cworks.cloud/fileadmin/_processed_/b/d/csm_apreensao_de_drogas_Mandacaru_-_Reproducao_Policia_civil_3679b2fe7c.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d301a8cb92aad636308cc3f4f005b2c2e2d781982e421489bdebae672c821b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 28559
last-modified: Wed, 01 Mar 2023 18:01:36 GMT
server: cloudflare
etag: "63ff9300-6f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeUv7vsXXGJHbJNL8Ppny5t4VWlAPwqJfaBU%2Fmbfb2A9TG%2FcWt5u9LQETbxCrAAzSPcqKaC%2B6xlYNP4Gc3lbUb%2FgiCS%2BNWOPYfq%2BcZOUZx9oNOiafuIEaMIB6TmZZAz8%2BZm5HPQfp5xtS0VdF2dZBZeK7RhdXoTw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 24882 4073394
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288d99f925b-FRA
expires: Thu, 09 Mar 2023 09:25:33 GMT

GET
H2 200 csm_52719878152_4a5589d059_o_ec8e712d9b.jpg
portalt5-cdn2.cworks.cloud/fileadmin/_processed_/c/4/ 7 KB
8 KB 464ms
441ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn2.cworks.cloud/fileadmin/_processed_/c/4/csm_52719878152_4a5589d059_o_ec8e712d9b.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395908886b3c854843d8feb091e022ffff489970d9cd7efd4461769ff279e839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 7332
last-modified: Thu, 02 Mar 2023 03:52:25 GMT
server: cloudflare
etag: "64001d79-1ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qtv1PGGRZCSVDjRw9MEWW0MrVEzH1oIFuc1rdwu79mJJ2ArLLeCeCdLprMPoW8fpUFCEWKVXVMXYZFr%2BTeXDnYYq0r6VlXlb9SzJBVFH4AU25bdgTUe9bfZWpcycx5NOuO%2FIySzpGWLP6yrWfMDygvt6fgi8SNG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 3127110 2356492
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288d9a3925b-FRA
expires: Thu, 09 Mar 2023 09:25:33 GMT

GET
H2 200 csm_acaua_transferencia_Patos_Joao_Pessoa_3cf5ab5bba.jpg
portalt5-cdn2.cworks.cloud/fileadmin/_processed_/0/8/ 4 KB
5 KB 463ms
440ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn2.cworks.cloud/fileadmin/_processed_/0/8/csm_acaua_transferencia_Patos_Joao_Pessoa_3cf5ab5bba.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2453942f6bfdde8dbf3da749ec50cf04b7f9caee9e8b59b70b1e333f11141e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 4150
last-modified: Thu, 02 Mar 2023 00:33:51 GMT
server: cloudflare
etag: "63ffeeef-1036"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9tj8X6v5OGFlWRCAGwhFRYfVZl%2Bb9n4s4iDEAX8RsnQt4j%2BB%2Fc20EBMLtLGu20910aq1JKlF4%2Fa2sVyJHr8xN7MMn4%2FKoPJTNJYuuD5ZNd%2BAaag9FILOcnVYGyf72onc72S6UUtetgRlSBw8fKAsNgUC6fTryOv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 3062260 5641721
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288d9a5925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_PREFEITURA-DE-BAYEUX_9265e640ea.jpg
portalt5-cdn2.cworks.cloud/fileadmin/_processed_/4/d/ 7 KB
8 KB 465ms
443ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn2.cworks.cloud/fileadmin/_processed_/4/d/csm_PREFEITURA-DE-BAYEUX_9265e640ea.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26405855e17ce9727718396875eeeadec5bf840ec915b55154fdc4c255b2ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 7573
last-modified: Wed, 05 May 2021 00:34:02 GMT
server: cloudflare
etag: "6091e7fa-1d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaNZbdO%2Baar6VsuHHhb2RwlOtwSqL231%2BPZ2jEySK3YYIH%2FqH9F0EJ%2BWKsv6M%2Fts0m7aVpeEVmuSu9ltH%2FHmPr8jN6Uy8Q%2BkXk9lPq7z8Kio3VBcig3SZAOgQNQ3woVkBOLC99a751PZ40q3ggGZFL9tcFkIzDbA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 507853 738496
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288d9a7925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_Centro_de_Ciencias_Exatas_e_da_Natureza__CCEN__da_UFPB_3bce5b734d.jpeg
portalt5-cdn2.cworks.cloud/fileadmin/_processed_/f/a/ 8 KB
8 KB 440ms
439ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn2.cworks.cloud/fileadmin/_processed_/f/a/csm_Centro_de_Ciencias_Exatas_e_da_Natureza__CCEN__da_UFPB_3bce5b734d.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b4dd9d94b6df6d9ed341f2431de2eee2934b05c72ee09439d2847bcbfe87a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 8039
last-modified: Wed, 01 Mar 2023 22:34:45 GMT
server: cloudflare
etag: "63ffd305-1f67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwrgov6UIHs49gwfHCLb8CmMgkyq2hm02BQpJqd3%2FMkKp%2BYhmTi%2FzcRAxleDsIv1tzX51jArrmH49to%2BdJUc8vp%2Fs8HTevO1ZQqSzPf8KmFkK%2BAgrmEnW6v0Li7EcuNCfxQLV9MymldoByJf84x3tpG41zfiIPoo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 3953280 6909996
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288d9a9925b-FRA
expires: Thu, 09 Mar 2023 09:12:09 GMT

GET
H2 200 csm_bolsa_senado_foto_94a149860c.jpg
portalt5-cdn2.cworks.cloud/fileadmin/_processed_/5/1/ 6 KB
6 KB 467ms
461ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn2.cworks.cloud/fileadmin/_processed_/5/1/csm_bolsa_senado_foto_94a149860c.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2f67efa4464faa86d94e6105c044c3295cd498ca71e4c28ae02266bc8ad334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: limited
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 6136
last-modified: Thu, 02 Mar 2023 09:06:08 GMT
server: cloudflare
etag: "64006700-17f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keEDq0cZ6L8WQ3skyERcG%2B0JUR2IlnQ776RVLLLdFMdJg2gShBFQTfALmAXoPjM0iHA3ar6FNY%2BYX%2BUO10ROP9IfgDSxWDlOE8eLO7R00RHexfKt5Xmth%2FjJiSDBxFtun0QtJfxbdzFEH2nvrr9k3I1Q2TghiBYe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 841848 322403
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9d2925b-FRA
expires: Thu, 09 Mar 2023 09:30:11 GMT

GET
H2 200 csm_vacinacao_covid19_foto_dayseeuzebio-6-300x218_a3bcff64e5.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/5/9/ 11 KB
11 KB 458ms
452ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/5/9/csm_vacinacao_covid19_foto_dayseeuzebio-6-300x218_a3bcff64e5.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c759d57b39f32ee870e51b4149271b2b9c6a4ae962108f9cbbbd0f7589cbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 10782
last-modified: Sat, 19 Jun 2021 22:35:28 GMT
server: cloudflare
etag: "60ce7130-2a1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2%2FFn%2FElwIhrsYGsUBD9Uju3aFoyNmhM8RVkO%2BR7slZcTAQZvd3ds0OkR3l1GldwzJPZRARqjbKUveqboSa7KCH9Mi6NULRQTXKc1NhqFlfVneqc6L9UWGXmIz6xuewe6LNRprWlJDx1F%2FDuUzRU2ZUK8yeGPX9u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 142247 4185514
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9d4925b-FRA
expires: Thu, 09 Mar 2023 09:20:31 GMT

GET
H2 200 csm_Sala_de_aula_PB__a62c7c4569.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/2/f/ 11 KB
11 KB 463ms
457ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/2/f/csm_Sala_de_aula_PB__a62c7c4569.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbab8cc4e8b5cba3d82ff593ef89e8cf7d50e2f286e635bba0e3b945502a00a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node1.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 11294
last-modified: Tue, 02 Feb 2021 16:07:06 GMT
server: cloudflare
etag: "601978aa-2c1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euX%2BcpcIlg8djnah4kAlA0EL5bHTumG3Bs%2FqafytV6%2FRaMy7f%2BsdrIw9urIY16d6m4msQfrIKk%2BkwB%2FEGfoqAo81UR1CS1n6DJLEFJCot7LCW097qM%2BXlEGMh6VXiJWaxw3MyK6bRDX%2Bd3ghv4BTx4WOr1mgMzbC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 6374434 7164415
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9d6925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_SMS_VACINACAO_4_DOSE_FOTOS_KLEIDE_TEIXEIRA_02-1024x683_70512c89d0.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/f/b/ 15 KB
15 KB 646ms
640ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/f/b/csm_SMS_VACINACAO_4_DOSE_FOTOS_KLEIDE_TEIXEIRA_02-1024x683_70512c89d0.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd9f4db923c84c6c23c91ef35897be7782bdb2b55ca233e8d0ad937cd69268ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 14880
last-modified: Wed, 01 Mar 2023 11:49:50 GMT
server: cloudflare
etag: "63ff3bde-3a20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epYuzDAQwUTfGw2FJfSk%2FJ6AWFaCH7ur0pfTTPkD%2BgTBAiQkslRFtaOcG1PUMCCQFNuYMuZIB0G4zYLNnFNKvxDpXxoQbbUp6osI%2Fu5h4Sz1zrv3LANxohqPgk%2BhO9uPhiBf%2B6tzt1JNDmKCRA5J31OovTqPQwoU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4532458 158914
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9d9925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_CAMINHAO_INVADE_CASA_4fbcc2e361.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/7/4/ 16 KB
16 KB 647ms
641ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/7/4/csm_CAMINHAO_INVADE_CASA_4fbcc2e361.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7113b17cdbb5abc1ea266293f147d2b41a0e264accbc62b229049f1381b695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 16065
last-modified: Wed, 01 Mar 2023 22:20:03 GMT
server: cloudflare
etag: "63ffcf93-3ec1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqfFuxBfO8u9egLLmsUsY3QljlVwC5%2FKJV2NJlaYYbNlJs7Nt7DQqFEqGY5g9Sfek7PQuykeKD0ukMVWwM7%2FQf8jL4DOm1l7N7qQrOZM3DVpsbDTnIYsO7kandpHx8xF3gjnjifQ4eVpqZKng%2Fv93HIdzBeosK2S"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 6089837 1005526
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9db925b-FRA
expires: Thu, 09 Mar 2023 09:20:31 GMT

GET
H2 200 csm_ENTERRO_PREFEITO_PEDRAS_DE_FOGO_479c17cd38.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/2/c/ 16 KB
16 KB 649ms
643ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/2/c/csm_ENTERRO_PREFEITO_PEDRAS_DE_FOGO_479c17cd38.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75071cf9be2ca98872d47bb01889d8485fdc9f8cfe7916a629628e7eaa616875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 16200
last-modified: Wed, 01 Mar 2023 22:50:47 GMT
server: cloudflare
etag: "63ffd6c7-3f48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwcpj%2FWxXwFBZZzmLc6dO0r8DQBl0GtkzM52J4Up7dV%2BSBUAxYPGDk5wOxQ2g3r7WGCtaTaxLojw8F3aoXjPk%2B8REZeaCpwDo0TppM6oxfk1DxAoJa7VYfTBRrvMPn4gLb0%2F4AiHPVTqMPXgcRr2ExAk5n%2BLf5AF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 1825427 874885
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a288f9dd925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_DRACO_-_APREENSAO_DE_CIGARROS_FOTO_POLICIA_CIVIL_4c034088c9.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/5/ 10 KB
10 KB 434ms
434ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/5/csm_DRACO_-_APREENSAO_DE_CIGARROS_FOTO_POLICIA_CIVIL_4c034088c9.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb8bae53fc18fa6edf91362723a1b2cf65b126921d5d489da0c69c6f6fb77bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 10151
last-modified: Wed, 01 Mar 2023 22:05:23 GMT
server: cloudflare
etag: "63ffcc23-27a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrRMJXUBjs9q58gF5Dv3dzoev%2FkrAVi6NJmbq2R5CLO3THd%2FaDU1jEdXwK3s3%2F5FMn7LdOf2BUgHHksrxwCSmo2vnpXh5VrmmmJrfIZw6bGNh5hRrrj7cC1EA42llvoX1V7nrdU8zWpvRwOLvtlKA6aG%2FPWIcCPG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 3127113 1141242
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28b4c5d925b-FRA
expires: Thu, 09 Mar 2023 09:25:19 GMT

GET
H2 200 csm_manoel_junior_foto_walla_santos_10.jpg__1200x630_q85_crop-smart_subsampling-2_upscale_5782393508.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/f/4/ 11 KB
11 KB 436ms
433ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/f/4/csm_manoel_junior_foto_walla_santos_10.jpg__1200x630_q85_crop-smart_subsampling-2_upscale_5782393508.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1899cc276278469f85e86ba0ed4c06af74e2b2effbf67985488fb40bae797b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:52 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 11285
last-modified: Wed, 01 Mar 2023 17:01:50 GMT
server: cloudflare
etag: "63ff84fe-2c15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX3AOeU0%2B7REn%2BKaauxsifwONgtL9%2BAZzXrsN67XBd1hiLZxRAeO3l%2BHke%2F0QU4DF%2BWDdkRUsZLP9NWX5hXAuwF6xpWcYPlEZAITROjN8gIiLKOlfc5j7RJRA4rUCHO4IjZkJjnRpCSbZ%2FMGgbwwEeS2EynS3DU1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 507856 1963368
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28bdcf4925b-FRA
expires: Thu, 09 Mar 2023 09:14:43 GMT

GET
H2 200 csm_Republicanos_e_Joao_Azevedo_6e32a2a19e.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/b/ 14 KB
14 KB 635ms
635ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/b/csm_Republicanos_e_Joao_Azevedo_6e32a2a19e.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c26db5f17c94bf0de4c7d2d06421aa02a97e96393d0fb64ef2a9a1134c0ee4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 14129
last-modified: Wed, 01 Mar 2023 14:43:19 GMT
server: cloudflare
etag: "63ff6487-3731"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3MfPOuUIHwyLXeI970u5QvNUbuDqD4QKSdf1Pw1rPeyKidspH%2B%2FpzBdsJ2O0P71B58iJJcsmPWZ1QJ0m1eCfDtyIFPgKj%2FIawtV8PTvubYXPWebVft9SahfQ7IR44nuG8NE577k1yuDEwXTs9fBcrWWXWyjALWW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4149294 3499387
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28bdcf7925b-FRA
expires: Thu, 09 Mar 2023 09:03:44 GMT

GET
H2 200 csm_csm_IMG_5842_812b97bc39_d83579c555.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/0/9/ 10 KB
11 KB 435ms
434ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/0/9/csm_csm_IMG_5842_812b97bc39_d83579c555.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434257e9dd863bac68ef99b6d196aa0207bebf0d01c48dc4515e287ba5196a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 10278
last-modified: Tue, 28 Feb 2023 13:19:52 GMT
server: cloudflare
etag: "63fdff78-2826"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efIJf2w17U75Frjeid%2FqhrBauZ6VfHurZ1esDYDURW80YDquJuzap7kbmsJf2T8eNszI7UTsSy8%2FO4HoC58VAiF%2F0eJOTjC6QOfLD1mFQtdpB6qiMYM4o4sK8kDt8EXXPIyUtiUKxi3ZEQbdPiv52py7vnoYnC4q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4435381 4502785
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28cfe0d925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_praia_do_bessa_paraiba_joao_pessoa_foto_dennison_vasconcelos_6579df77ff.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/3/9/ 8 KB
8 KB 432ms
432ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/3/9/csm_praia_do_bessa_paraiba_joao_pessoa_foto_dennison_vasconcelos_6579df77ff.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0deadd7eddaa2c76e36fdcee1a195304340970afa03152b4db463188996389d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 8105
last-modified: Mon, 21 Dec 2020 11:49:17 GMT
server: cloudflare
etag: "5fe08bbd-1fa9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqQaZWh%2FASuCbsKAijB9zOWp36fVNDmjVWeAMTzJm4PZkhX3Hl%2FVszsdcQteQ9YCOSubKH3o4Vo1bODotVxkZDsScHiDJus7skcly8jbQMbxVuzGHlO89C6w3M0o8WEmqjtOzgcYI3BlRxFBl2JQxihRBxFp1976"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 7164742 5399415
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28cfe0f925b-FRA
expires: Thu, 09 Mar 2023 08:51:04 GMT

GET
H2 200 csm_karla_conde_ada1f54948.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/9/f/ 11 KB
11 KB 436ms
436ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/9/f/csm_karla_conde_ada1f54948.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9032499c82b04c4f99061313f6e27045f1edd03a03bbce7a6bffd390fb0be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:52 GMT
content-length: 11151
last-modified: Wed, 01 Mar 2023 17:00:16 GMT
server: cloudflare
etag: "63ff84a0-2b8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je6UekOCU0G7sX2buWjYt8BEymbmK%2F5V9zAx01OB4ElHrojjmYpglyGzjjWe4Hw6ov7rsgtZtswP%2Fhfn27345HrAhd9NHTCsKDNVl1EIZi5FdOaEZPl0PTvCtDe2Zaj7fbyyEsZN%2BOsrIUqUveijSo401Bs2GYbh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 841851 322180
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28cfe14925b-FRA
expires: Thu, 09 Mar 2023 09:27:58 GMT

GET
H2 200 csm_cortejo_mj_2_eea44c83e8.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/b/2/ 23 KB
23 KB 638ms
638ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/b/2/csm_cortejo_mj_2_eea44c83e8.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 665c3b59969d3d37b1d9c7e76e72e9a4bf2a285026d5ccb1b37bc7a4e37baa70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 23267
last-modified: Wed, 01 Mar 2023 18:13:27 GMT
server: cloudflare
etag: "63ff95c7-5ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN4v%2FYK38PlhSRtPFVcCJS4Rhrw3Qm4JFraO3OoO96S7B%2Fc6z%2FSASmnBY%2FJ4alyCtb44WsILGnX1rNpuFOPHqAgXLBnP6g6ptuVvMl4VfnaEfTugejh08I6eoklMADWO2XYEYuLnpgYBWnpQYeSyWd7TYiHRgRnv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 1653799 2643140
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28e0f45925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_325198232_3456929561300459_7783734397621657890_n_65543d29d5.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/4/6/ 15 KB
16 KB 643ms
643ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/4/6/csm_325198232_3456929561300459_7783734397621657890_n_65543d29d5.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20674c6b3e2decac6883a3f3fd6e0915b62fa60707f5069f0bcd39f15f356f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 15663
last-modified: Wed, 01 Mar 2023 13:41:42 GMT
server: cloudflare
etag: "63ff5616-3d2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAaSVHXV9bVm5Syuy6%2B%2B0UvT5dHRB%2BeLbBoEUksRoVx05BLi4%2BQ7LJ8jzqvQi7HRuHKEU4FC3G1ObpLdK74E4vrTdwn6kJqzEzsb3K1Q%2BTKxf4Jp%2BvhIIweu6SIJ607vECuUFuAk%2BZ6AiU%2FlfuSyUVD%2BrRjPgZOp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 3127116 2994162
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28e8ff5925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_Manoel-Junior-29.10_2fdf3ff1aa.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/b/a/ 7 KB
7 KB 435ms
431ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/b/a/csm_Manoel-Junior-29.10_2fdf3ff1aa.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c2212f1d11e11c7b3502497c53ce7affbf18df58980bc9995622334c45a4597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 7095
last-modified: Wed, 01 Mar 2023 13:56:48 GMT
server: cloudflare
etag: "63ff59a0-1bb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LHUxmUJbd1sBTB%2BDlpT700OePeKHE09Gzy%2F%2FM84Ou5ZGNzu0ew9ZwbRNp4wiMyIMKWU7afsx%2BDNGo2DBevl03lxSmq0e4izCS0yaBUyxYK%2F%2BYyv3DwyzYDCFaHl%2F%2BX4j4HFcVI%2FXjg6jty3eN599DLgjaJenSYQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 2609596 2495333
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28fb912925b-FRA
expires: Thu, 09 Mar 2023 08:51:04 GMT

GET
H2 200 csm_curso_garcom_joao_pessoa_609ca6fd76.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/e/d/ 11 KB
11 KB 229ms
227ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/e/d/csm_curso_garcom_joao_pessoa_609ca6fd76.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e01186d0af621fdbd7b99111ebda93e51046c92096d7e40ab38dcd59ee92179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 10768
last-modified: Wed, 01 Mar 2023 17:30:46 GMT
server: cloudflare
etag: "63ff8bc6-2a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ5TXZOe0FSJ5KKU4S2pqeNYIqT7bP3WlPMXu3mynQ4goj8iBKhHLy4xujl%2Bsv4rwoVVw1jJ5q5BsdXR4IbZrmSCS1Khuo9mCUT44UxZpXAIJHDR5pd6N0h9PxC3WDdcZxwBrXSqVGIn0N1nhGKIr5ZTQ7m0lgv6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 6374438 5949071
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28fb913925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_Prova-concurso-730x425_3588b610de.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/9/2/ 8 KB
8 KB 221ms
221ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/9/2/csm_Prova-concurso-730x425_3588b610de.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3169a00b798d06012071ced2878f9cd5418bded9ddbdce4376ac367c659a8065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 8125
last-modified: Wed, 01 Mar 2023 14:22:50 GMT
server: cloudflare
etag: "63ff5fba-1fbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6s0uS6L5SJj4AXIeyQ8WOV4afwCuI7WZL0Wc1DEV5aydNPW98qbUG7ObVdnxu47zuyuSfrSfOBG%2FmgDPeGxA1D7BlTPVERrazNBCL2YyDbam6j902QzreukgAt0%2BfstMYPCECBA0cpvsM%2BNKHluxcKv1PMAKdoz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4047431 2608913
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28fb914925b-FRA
expires: Thu, 09 Mar 2023 09:13:52 GMT

GET
H2 200 csm_carteira-de-trabalho-digital_mcamgo_abr_240620211818-7_761d3bb4ae.jpg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/d/ 9 KB
9 KB 435ms
435ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/a/d/csm_carteira-de-trabalho-digital_mcamgo_abr_240620211818-7_761d3bb4ae.jpg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dccd4f7e3302b03685c2683f2e4534f3d140c8c145f3d0cabd65a541e180c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 8786
last-modified: Fri, 08 Apr 2022 02:30:43 GMT
server: cloudflare
etag: "624f9e53-2252"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJWxNkBbOT0hqs2y%2BcXo4xaOtyHEJa3B0LgycTS0mYCI65TbEh1OCr3Fslbdv%2ByhWJZf0%2FMmhDmXpjhhzztMe8gxoNEhC3EnnUINgr3WJWRIQJF%2BlQPgf%2BcoGJW02uIAydUT2JlGJFb6%2Fm7MbWNumUJo3%2BkH7N8s"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4532465 1825046
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a28fd92e925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_prouni_EBC_029e5009fc.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/6/7/ 8 KB
9 KB 435ms
435ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/6/7/csm_prouni_EBC_029e5009fc.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad2fb45618830aaf4b6b380886a4a9b7095540721e4be92e252c0620607226c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 8582
last-modified: Tue, 28 Feb 2023 13:43:39 GMT
server: cloudflare
etag: "63fe050b-2186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lox9F4ZXRYgmGXGHvx0i4kS0d3zo%2FA8UAxQDuU%2BjZU2J7DFrwzRpYL%2FWhQyc0on%2BuVLcKT0Zoe%2BXda4bSv9TqwBUK09T1CFoVI0UJA%2FMNCzOBECH6VybQJkQqD64WQ8jYAL6Z2rsTkWQF8hWOzfG2AyKnQMnTVbs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 142255 2477343
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a2911a74925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_Prefeitura-de-Campina-Grande_011b4b14a0.png
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/e/2/ 88 KB
89 KB 843ms
843ms Image
image/png 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/e/2/csm_Prefeitura-de-Campina-Grande_011b4b14a0.png
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4000d4364142ec3454e522d59fa9beda7ea559c3bed263a2ffda93d3c011d590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:54 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 90513
last-modified: Mon, 04 Jan 2021 22:35:35 GMT
server: cloudflare
etag: "5ff39837-16191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeSRUA%2BBsO0qPzpCY16WacPJ7FxSboJ3DWMNTTymcy4bumcepOsVQLUh2aacmXPY29UCrqk3wDKJ9UKb8w1wFdjJnhKruyKW%2FHcsvp1j7JV28mm7UdZuCnpjsYX2YQVDCwNOVWVifW7S3UAPDWzwW7xrAgnZKhka"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 3716660 1796749
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a2912a7b925b-FRA
expires: Thu, 09 Mar 2023 09:25:34 GMT

GET
H2 200 csm_SEDE_MINISTERIO_4362958d9f.jpeg
portalt5-cdn3.cworks.cloud/fileadmin/_processed_/5/c/ 13 KB
13 KB 433ms
433ms Image
image/jpeg 2606:4700:20::681a:16b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalt5-cdn3.cworks.cloud/fileadmin/_processed_/5/c/csm_SEDE_MINISTERIO_4362958d9f.jpeg
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:16b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c7d862775a3e2355990661a6065ff6ba5c2a33575fbf26d81bb2462b346f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 09:32:53 GMT
cf-cache-status: MISS
x-origin: web
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
grace: fetch
x-cache: HIT
x-app: portalt5_node3.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:53 GMT
content-length: 13061
last-modified: Mon, 27 Feb 2023 10:59:49 GMT
server: cloudflare
etag: "63fc8d25-3305"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uySzYtDP4ZEvLvtfzzTVgeZXbcWQgzn4T9ZO1MORHzcqpoe%2BEfH5%2BBSL1M0a8AizAgGE3nCbSpCQslkld9RPsX5k%2B%2FHQluVKyN2f8%2FCIHDATXepLlzNbXrHMMobI8QePz%2BLHR3BZiQ1kzsDF5yDXRKnpAQqrgGVf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 4047434 6372016
cache-control: public, max-age=2678400, must-revalidate, s-maxage=120
accept-ranges: bytes
cf-ray: 7a18a291fb49925b-FRA
expires: Thu, 09 Mar 2023 08:37:43 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/h3Z2HIDC_lo/ 39 KB
39 KB 149ms
87ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/h3Z2HIDC_lo/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712478"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/brjCaoM9tMs/ 39 KB
39 KB 82ms
47ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/brjCaoM9tMs/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712446"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/5mUJ_3eUrGQ/ 39 KB
39 KB 136ms
101ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5mUJ_3eUrGQ/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712402"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/cvb32C5g-7U/ 39 KB
39 KB 101ms
72ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cvb32C5g-7U/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712374"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/F7WtUZBFrLE/ 39 KB
39 KB 71ms
70ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/F7WtUZBFrLE/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712257"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/si4imLaN-WU/ 39 KB
39 KB 54ms
52ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/si4imLaN-WU/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712338"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/kLLJq-vx1PU/ 39 KB
39 KB 52ms
50ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kLLJq-vx1PU/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712226"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/85YNu6NoMyE/ 39 KB
39 KB 51ms
49ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/85YNu6NoMyE/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
server: sffe
etag: "1677712173"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/JeUnTwHXmrM/ 28 KB
28 KB 73ms
72ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/JeUnTwHXmrM/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df88ba92742a84458c6a6aaa7f571ab344da4f7050981cecd578e60c160abfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28747
x-xss-protection: 0
server: sffe
etag: "1677693158"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 86ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=optional

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.portalt5.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:34:57 GMT
x-content-type-options: nosniff
age: 568675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 19:34:57 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Vi1kV7QRapI/ 28 KB
28 KB 76ms
75ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Vi1kV7QRapI/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

412bc905b5ae3d908be254a0faae6cce2f70556377f5b4d636a91af23780bc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28273
x-xss-protection: 0
server: sffe
etag: "1677693213"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/rM5GUo348Zk/ 28 KB
28 KB 70ms
68ms Image
image/jpeg 2a00:1450:400d:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/rM5GUo348Zk/sddefault.jpg

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17824bbe327dd6fd03e6472745c55f52ee7ffe18a53f2761c83c3bb93a2e31b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28861
x-xss-protection: 0
server: sffe
etag: "1677689761"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Mar 2023 09:37:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 140ms
41ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.portalt5.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 60ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.portalt5.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 864 KB
71 KB 251ms
250ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1753584586774706&correlator=4249843956870814&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=21662162077%2Chome_pc_728x90_01%2Chome_pc_300x250_01%2Chome_pc_300x250_02%2Chome_pc_300x250_03%2Chome_pc_300x250_04%2Cbloco_home_arroba_esportes%2Chome_pc_1080x1920_01%2Chome_pc_970x250_01%2Chome_pc_970x250_02%2Chome_pc_970x250_03%2Chome_pc_970x250_04%2Chome_pc_970x250_05%2Chome_pc_970x250_06%2Cbloco_home_superbanner_concursos-e-empregos%2Cteste_banner_popup%2Cteste_poup_mob%2CFESTA_NA_ROCA_300x250_1%2Chome_mob_300x100_01%2Chome_mob_300x100_02%2Chome_mob_300x100_03%2Chome_mob_300x250_01%2Chome_mob_300x250_02%2Chome_mob_300x250_04%2Chome_mob_300x250_05%2Chome_mob_300x250_06%2Chome_mob_300x250_07%2Chome_mob_300x250_08%2Chome_mob_300x250_09%2Chome_mob_300x250_10%2Chome_mob_300x250_11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23%2C%2F0%2F24%2C%2F0%2F25%2C%2F0%2F26%2C%2F0%2F27%2C%2F0%2F28%2C%2F0%2F29%2C%2F0%2F30&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C1080x1920%2C728x90%7C970x250%7C600x100%2C728x90%7C970x250%2C970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x100%7C728x90%7C320x50%2C800x600%2C300x250%2C300x250%2C728x90%7C300x100%2C728x90%7C300x100%2C728x90%7C300x100%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=117359128%2C2831729883%2C1553795288%2C1700480882%2C3232831486%2C667322201%2C216234859%2C1989544812%2C3364188180%2C3306016848%2C2473147351%2C1091396423%2C2963501513%2C2652842836%2C3880267625%2C1501308537%2C3302783650%2C568812054%2C2284726716%2C3263041356%2C1839820634%2C2702175613%2C1052451991%2C4213386603%2C1910865497%2C3155531011%2C2927293924%2C1732769968%2C1963752368%2C3347759301&sfv=1-0-40&cust_params=secao%3Dhome%26categoria%3Dhome-principal&sc=1&cookie_enabled=1&abxe=1&dt=1677749572273&lmt=1677749572&dlt=1677749571361&idt=825&adxs=436%2C810%2C810%2C810%2C-9%2C-9%2C-9%2C-9%2C-9%2C315%2C315%2C-9%2C-9%2C436%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C-12245933%2C-9%2C-12245933%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9&adys=276%2C1650%2C3512%2C5229%2C-9%2C-9%2C-9%2C-9%2C-9%2C4721%2C2457%2C-9%2C-9%2C2955%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C-12245933%2C-9%2C-12245933%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C-1%7C-1%7C-1%7C-1%7C-1%7C4%7C5%7C-1%7C-1%7C6%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.portalt5.com.br%2F&frm=20&vis=1&psz=1160x90%7C300x250%7C300x270%7C300x270%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1160x0%7C1160x0%7C0x-1%7C0x-1%7C1160x50%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x0%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x-1&msz=1160x-1%7C300x-1%7C300x-1%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C970x0%7C970x0%7C0x-1%7C0x-1%7C728x50%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C4%2C4%2C2%2C2%2C4%2C2%2C2%2C2%2C132%2C2%2C132%2C2%2C132%2C2%2C2%2C2%2C2%2C132%2C132%2C132%2C2&ohw=1160%2C300%2C300%2C300%2C0%2C0%2C0%2C0%2C0%2C1160%2C1160%2C0%2C0%2C1160%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=112243227.1677749572&ga_sid=1677749572&ga_hid=1908250670&ga_fc=false

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a46131dd5ba29ea89fda8378f9d93182bcf93a68414bbad20ef719d0f9c72062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72644
x-xss-protection: 0
google-lineitem-id: 6198046496,6197494693,6198038297,6197500045,6225745612,6190397017,-2,6195872541,6198041423,6222722345,6214849321,6175175684,-2,5467333320,-2,6195865843,6218308992,-2,-2,-2,6220316293,6188762115,6188759991,6222650555,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138419127785,138419126855,138419764930,138419141046,138423650926,138418725301,-2,138419128994,138419764183,138423218875,138422187286,138416030731,-2,138322097270,-2,138419763730,138422275121,-2,-2,-2,138422305007,138418729318,138418112997,138423210190,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9638 6 KB
3 KB 153ms
61ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:52 GMT
expires: Fri, 01 Mar 2024 09:32:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 portalt5.com.br Show response
v3.denakop.com/ad-request/10427/desktop/ 688 B
552 B 119ms
119ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/ad-request/10427/desktop/portalt5.com.br

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5c3039047537d439e3ed9f08acf5c4dfa5e9a73b9cb9878a402081fa6b0c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.portalt5.com.br/
Origin: https://www.portalt5.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.portalt5.com.br
cache-control: private, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a18a28b69a49211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame C32C 13 KB
6 KB 79ms
12ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 15:29:07 GMT
content-encoding: gzip
age: 65025
x-guploader-uploadid: ADPycduHJL7vaHeG7F7Z_DfPgclnD6mp-kbCvyLdx3thoghHGwhwiZgnDARbpZOxwjuwgsYcBFTVfWyGXonE1BZs4cwsjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5285
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "b6cbe044784454c3931f1d4de70a511c"
x-goog-hash: crc32c=LTf/lw==, md5=tsvgRHhEVMOTHx1N5wpRHA==
x-goog-generation: 1663611635603334
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:29:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame 883C 10 KB
5 KB 43ms
10ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:41:33 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 06:41:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KG4VNH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 08:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4682
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 10:14:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 56ms
55ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LPD9BLVPLN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KG4VNH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

965ceea0bc65070396cf0de0044f1dc0935c7fc27b174107a653f7e96dfaf602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 46ms
46ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-66850008-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KG4VNH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d03adf1de9345f24eb7f2b822d64864da6b4a061648861a40685f3a70d44a92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44509
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AC3 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7K1BfwKVW5vQJeTpPEW9ijBPCcxMyv20I1Lz9IDqURc927-5Tlb_wk7iAQAfvwzk0PSHzpX5t7gP4sS9PEYJRNs-YBoRNgtJlHYl9u2TIL12OyeoLAPxroF0KdockONdMVdY8I-xJx60h0QWgOLjdzgOX4AuylqDORD8pSnR2yjOdWEzI8wYY-Gx--VrxmC0wckI0Dt0k5rd8mZC2zC222_7w316SmATc7yIit6N9kcHRP08spzZghbgFAPT77hIr-p1li2D-eAWd7m7ow-l6r0ApLuwqkDzgLmzPR6wsOJoB7IP9QxoYov-JycD1-OjnjicwbKSvjdLMfsI&sai=AMfl-YQzUqmi6zgJ3UgCRKo5MAlZhkLLbfgewCwJibjVez-29FV1Bd6w66_UIz1yeJHwORXyanuEeU9lHuYLSNLHhftr0GzivOUwoYGErcqHMRkbDugNTr2VjeMEHCD3AFLBnGW9ZFr1rrgezPwuCng&sig=Cg0ArKJSzFx151Ugw7KcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 0AC3 22 KB
9 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0AC3 3 KB
1 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AC3 158 KB
49 KB 170ms
75ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 7141917500249817415
tpc.googlesyndication.com/simgad/ Frame 0AC3 45 KB
45 KB 59ms
19ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7141917500249817415

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90143415180c10e12a914dd250ae361018be689389accde9eddde454dc795d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 18:46:58 GMT
x-content-type-options: nosniff
age: 225954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46121
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 16:34:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Feb 2024 18:46:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 506A 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqHkg86xGDeXUugxIUKGb6qa22NaeaNmhq6K7JFulrh9mN-9goMTtDHArIXdlawYqU2cpnLZe8wkjSfrZCUNEz1RRUavz7NdpfkpQscV9-Q4WvOQl5Kp2snUsPMdFZFni1j2seOa2Pdm3cD2c0-iaeKctepZ1B9uVZY-tfKudTpLdxv88RR9XbFczV573hvbG9H9RehlMQ37gCOX_zy_kc5vFZts0GKk48j5CxV8vaO4SXdkvpctvNTvA8RfxLWuyckIf-7Kd_E4KazMNfkGB2c61epftfD33LkKoFoNnpPLN-9gs_IMem-tggn_fAd8m4WZ5KMgDuq9BWK7J2&sai=AMfl-YTeVKGcCA1XxPCfa3NExeVM2IxD1ai3N8e9shoPun6W3Ef4LcJpXoHVbMloqiHQ-Yo-9OWGTPkPTVXm1z7oOz6y22KkruEdlLybCARrxv4NTYqGF8vOOStZJ6sqqVqdQV0DVwpYJfjUUcY1wrM&sig=Cg0ArKJSzPrLbbmT823cEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 506A 22 KB
9 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 506A 3 KB
1 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 506A 158 KB
48 KB 209ms
138ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 11894490291876917924
tpc.googlesyndication.com/simgad/ Frame 506A 65 KB
65 KB 19ms
12ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11894490291876917924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205339afb48851f719f6ea80106550aa941bb605cf3cf99e77367aa01328f154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 04:53:39 GMT
x-content-type-options: nosniff
age: 103153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66270
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 16:30:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 04:53:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9700 0
0 58ms
56ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMl4UTyzjPKZpydHBI_mbpDvnI9Az0obUykZHh7eIneqSjSDbr4zwKBqJWRxrVdCbqccVWZc8_bnubiaqKA5Tt-z0rrPZm7m_jvzw4nQKwpu_I83Rk2tYRu1ZFWXrSO8rbRa1NyvRaympDJxVkv2MSWvVDKxvpUfbfRqRxo0IePKajuDDJdcvN5UTToayL-eb8n_6fA9LNbed-Xb1hyqmtUf9nIC_71hXksJaJNk1o2Gjj7wfJdUT10ZvW3bvXjiR1WGBMHyXZ1-WMNLQ9hxaEZFZBM07IK7u0_PN1LpK8JiWOPZxMb0_EyFzjdGfNOKgB9R7yVvjfMwozR1Kx&sai=AMfl-YQzBi_9wO8dTphKD6-8MILev919A4RvoZc9ZlFzE825BBzMLkjpnQByK0yMzxNyPH_-YmZV2lb-gqSh8MPNDR2XlNiHA3qFJY6-Fx6czl-i8PiP8w3W9OCQetkLBjMTycR1CSyUszkmsD_301k&sig=Cg0ArKJSzCP_dvRioqJ6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 9700 22 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9700 3 KB
1 KB 19ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9700 158 KB
48 KB 212ms
157ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 8960062917439787980
tpc.googlesyndication.com/simgad/ Frame 9700 144 KB
144 KB 29ms
21ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8960062917439787980

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4199f66fff4f96ba6b09fbc1aa2593d3980a98cf48d1fd68fd12f99cd35d91c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 15:29:11 GMT
x-content-type-options: nosniff
age: 65021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147341
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 13:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 15:29:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 383B 0
0 57ms
56ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0C162r0umhVi4YkizM4CGQlZ5zw2gcTk4yrFcR7ZUcT9BxmCXo6pXmJv0tkMys1jVtmzRmiu-j4qBGIPbNhbRP9Qx8oXesHqLadnp2-kua_-2REcRVo5gsNjY6WiAqJ5yxcRU2szKQxrvr6wJp-C-SvcjVyL8ofp-cJHnR4yhNcZU6q5cSTRaDVjbEjrm8vpjX1km4O0e5pEo_k-DvrkhcMApZYWn4YspVbns-k0CSdnf7wQeluvavD-uIilrbJzfQCyx5kmAhwlPC01dNRlhYRg3dXAq1bU-F7jJeNdCbOaSMRCPfCV7UMnZB3max0e7PY6QUm2tIy1n0xYY&sai=AMfl-YR-aNEe84LWbX5lOCzUaKGG1Qa21ChLOHpZdtRipaEL4pjtaALDafNgivGcHZe8YYYQNOfWR0lnJgGWFeWAdbgqgiGMR2MRNlojmbTLnK5Ub9S6couWBcEP7LO_WJdodE9p0TDHgUDFQw6PDCQ&sig=Cg0ArKJSzH7E5Llgrli6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 383B 22 KB
9 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 383B 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 383B 158 KB
48 KB 222ms
178ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 9941587422273987723
tpc.googlesyndication.com/simgad/ Frame 383B 129 KB
129 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9941587422273987723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c1d18fda2d9e28c982faa9121090d8206a5ecf0cf27e9c8677bdc1acc84ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 18:46:58 GMT
x-content-type-options: nosniff
age: 225954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132391
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 16:41:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Feb 2024 18:46:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F894 0
0 64ms
56ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_Eq2MIR8UfiBn_fwsJj2PwSvxvt7RO-9lnoEFeHm7-QKgtG7SSjXo059GkWFbtPHG84XgeZX6IZxcIBd60074EP1Yv0fApLzuKK6nbAvGIku8FCebEtpCZNrwY9mztfZJ-2TabE3JN36idzgWQqnDuG4YvHJNIBrV37jGHW-arPdCbc-8Ae--Udj_gNTQoQSkRHR3iYwwa584CB8VpsXKo5eRGAq3uBGvJAaBv73c1jdEuGhie16zKedMi2O6ilMUvMXumX_9eASV08vV_hJEr2jO4BOF5ru9KMCIDYV3Jie6Z3sDFRBuObhqmPNXKCUSZdVFmmRupyxbatsy_ZHyV9bTL7pWOYqh&sai=AMfl-YQPJqPS6uuc_TnK2wk7e2IgGeSDc_1epopRpFqSUg50WP-rto0f2Fz0-sqxcCNfrL0JJJx3Luhah1sgx_pTxrm0iUoaB_SvGcAcHpECG2Y411mZl1lf9LscC1miMFvi5hnrESLD0bsTK1xwCqE&sig=Cg0ArKJSzDC8hEplTBb5EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame F894 22 KB
9 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame F894 3 KB
1 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F894 158 KB
48 KB 220ms
187ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 6828760127155355047
tpc.googlesyndication.com/simgad/ Frame F894 91 KB
91 KB 21ms
12ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6828760127155355047

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa043184e0034c3f80e768a78dd763228032f4ab79622b3fd01f8ece71105fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:01:22 GMT
x-content-type-options: nosniff
age: 73890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93106
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 13:25:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 13:01:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AABA 0
0 55ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9bbP79s9jK88mmNWTVMbuKHVJ-2TQC1_-HqhRJTJMboopAhRcgik17kT3AIvC08UPABwObnyrLjHot-s3NqZV3OjgVVsyYKPhtNrWgnpsVPjxEmvli37eyc7K0E4ULhNlrVSIoEfZJSSk9Qtvl3MLXhEQXhIKVJCvHEFESj7Xq5BrIx6-7BBtWLgSqA28Q6Z-zoEhgwiias5_7Udp75PusQriMYfhKf1GCMv-ma_W0dWRE_wRNgw_AdJdJ2ahmGlUavNtJudZ_KcFLDC2-7IN7HKHKbwA3e-nhRjqASBFw2eWLCVpGTY9GyT5WLXHWcyLDNzszXewBMxaLpRu&sai=AMfl-YQ2xya7xyfQoApIuXRe05rmNWbMmHBnu3MMa9WB5j4oNC8ScYxXFJ3zWKJFXaXSoksOJrZ2yO5SxzHl2880HCtDsp1QnvP30kD0jSk9c16YFQPwPJCwGRWITc85yqYQHE5GnMQU64PtmmkibLo&sig=Cg0ArKJSzMzBC-bjBf68EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame AABA 22 KB
9 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame AABA 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AABA 158 KB
48 KB 178ms
156ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 11567816352871793551
tpc.googlesyndication.com/simgad/ Frame AABA 101 KB
101 KB 28ms
26ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11567816352871793551

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14d1130cfa0fe75ef85ecae6978369a612f66ca0bc3bdd4f4511d50d82a1464f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 22:24:40 GMT
x-content-type-options: nosniff
age: 385692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103328
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 16:45:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 22:24:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3807 0
0 60ms
56ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9LJSFUoPAGlOoPcz0165xNm4rWJEk8MBcy3b7C94VBb3mD_fzY7Jr6nbGfmSMN1ChRr_6TxXL1B92XPcWpA35upH6ybXtMYApeAszgcyNhcz3qTj7Xlas8AWsJ_2THViQMXaxX0Ra7v4yZfxzXjMf2ZrqML53kgMoPTLmIhjfiqFqsXguamA2TtXiG21rq4NfcmslKTbojzclKCcsSFhj99GWhmSiIDHpMIA1-fIC2G_r-LI1kVnDk-_yj9VOC9jpuRuTA4NGRLa-Lm47YJiDsu-aXWyWf23XcCv1sFAs_cJEBNJjdPXD1ke2depQxZpKOAwv7KNEt4x6xKGl&sai=AMfl-YQAMDaZIJo9e308oN5I-yHk0Nh2UUodG5Wy6eK2NfvIMH_GVAFcQUCLiv8VpMssGDpwfy5m8091XF1-vu6wM8rB_VGa-NAxKV8X_DuxENoc3aZ7zXrtA5LzJFdPdP-OR01Nfd6hFeR3S2FZxPI&sig=Cg0ArKJSzJhNKJGV1Pt0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3807 22 KB
9 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3807 3 KB
1 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3807 158 KB
48 KB 185ms
175ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 12090211381996209715
tpc.googlesyndication.com/simgad/ Frame 3807 99 KB
99 KB 17ms
13ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12090211381996209715

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a06021f37efbf7c4b6f6970fc5516fa5ea19c8688234728c7c4c61a2e9858730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:11:08 GMT
x-content-type-options: nosniff
age: 51704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100937
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 13:30:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 19:11:08 GMT

GET
H2 200 container.html Show response
af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC92 6 KB
3 KB 28ms
17ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:52 GMT
expires: Fri, 01 Mar 2024 09:32:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E552 0
0 57ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_WBw8jTItqyiV_Dy2aKsu2tog2Zoc7mSYoGUt57OsNM-54pXg2Nc4ocq3NANszAUouMnEaxuCcNLTRC3ehILBIrjrUY6ok_zVaJsM2EC4Ee-siVJaQ2FAcp7TnROlLqtJpFmO6ZDW3Qklc1OfAcb6Dxl5Y5rjyIPHTb5Bmm9ry4puFdrFRJbe7QM4g8_oPm3krP6XHPLjnqpvkU0avGviwLqUov7tG9j-8Rcl3JcfOAzj1bQHSpgWcCz-NRngdUynyT2i75Haufn0CHkjezKDrCcSRZTOE1yowcgOUx3aeNRLCYEkourde3_3F2a6K-4kH17mXZAscYDumFKZ&sai=AMfl-YTNEodsQxrUkHXRTDeIzfXk4Tfx-0Q5XVaHnw6WF8DUmN3UzAxd53BjXHkNXbeH7y2Xbl4g5SIu7OTrKonRNuGz3vRtK0qgFjNRn-NdlFQTdlDq_Su-5FDXflfbEO54gyQ2kjo0gCdDoeJmS9A&sig=Cg0ArKJSzO3F9dxyKetdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame E552 22 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame E552 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E552 158 KB
48 KB 164ms
162ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 1020678601299316901
tpc.googlesyndication.com/simgad/ Frame E552 458 KB
459 KB 60ms
59ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1020678601299316901

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d52a04ab7333ad4829ddf1bd2349b2ee5a6858026c39bec2243d6d706e3976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469472
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 13:33:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 09:32:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82D0 0
0 57ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-uToZFZ4BOhUSYOd87rspctgYc5JC3quhrpH-5cCjT02mjOm0cgaUo7JNzWQ7MjMYjbwOcD_hnfzgiOGKKDi_HYaQ6nV3x0jdg_trsJGb3DOTG80c3_PumOPCNqB6G_256Q3DfFV55RtHEwkCkNPtkZIzB9qztPiz27HPQCQ8xa_3gbGyPVp1rPfd_oyxkyNOEBs6xcTey2twOCnYcHFJ7zabGlIT_YHwoXIWsFdd7zyqcRtMnGIJn5tdSH1h_0pHGjVy1QRmV9LBhI5iFF5EPdG6S8ziWLNFcpTavuQfBg_knq7kqFtG1vtjlZ4CVe5-OmfEoC7IQtkl1i8XzY4nqvtt8meg1pl-htcAoOPZmj8r1AnpEg&sai=AMfl-YQI9ITXnPhklhHAktEttYuHfhE8oCDz_VMy-tseSEzblLQVu2ipzeOf_N8GKzshmkQ_12lecAGqy5GrIMeZAZq87_mF9wE09YMHvzhk0NacALr6mh2Wezow8I8kPUjauiMKT2C0jUjCQYsHi-A&sig=Cg0ArKJSzLmRqXbj4axHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 82D0 139 KB
47 KB 86ms
84ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d43a0174d4d519aeb5a5071e72f42777d08d9296e8f1fd3228dc8bea9a7e6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48035
x-xss-protection: 0
server: cafe
etag: 6254325551813332296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82D0 158 KB
48 KB 157ms
155ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7584 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2wUvDgiOwfWdloXl3jvll2NTz_sLqrl79ItUetLWATguq1tz6RIRRhG6cas_RuTvdzbs8jlQhIMvzlYbSz1gzVWD568gerEgOhUN63nnQmJMzOcdkhC795B5MhfC94sEabrEDNXyIAyd1vVAC_vi3vAb6Pf4485UET9AuMG1YxUNXhB5BBGeRjZtf-kyZLT0PTdzh68-g5Sid3ZMRgpGFFWM0YEe6D-t4guvcz_bDx-HMFKOPOtgbF8BYqXweLuGq2soHpoU8DCmLPeIyVKXBejldAk8JkvhfPQxSTDQ8uS4ahmcjUcx2ffM6O1C8zmR54FLUCgxH8Jki-7HDm_VhzL8&sai=AMfl-YTmQs34ksoPQYTGh6nlsXX0ZIabpltBCdZUCN7o3MwKs9PA83t38RdjYArwGVOz17M76v0tZfzS15AhU2bIj_m2LtlnxUyYia9llyS2iCLJXp5oPFEM1AY1_Jfzetbn5_CUI4zxRRPgo6LZZ1U&sig=Cg0ArKJSzBq80UQhkqg1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 7584 22 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7584 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7584 158 KB
48 KB 97ms
96ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 17832027498362327946
tpc.googlesyndication.com/simgad/ Frame 7584 97 KB
97 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17832027498362327946

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bda0fea44f202289d2817057eaac9d084f85a6d72569056294dd5e681bad91f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:41:07 GMT
x-content-type-options: nosniff
age: 492705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99265
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:57:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 16:41:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB34 0
0 57ms
57ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZXyjOdXfZrtHJMKGyfx2iqIFbZotNyMXeBUcskplRJ5JODxHo9mAguN6zrk9gL9qOyqEhjsxBt9qz15kTK0iWVWKqQede7SuJuSZQ4eGXuJxd3V4YyDzqiqNqhH7BwJig3l2uE2rNM9e-pOAZcMb2dYe1pk78QZFEHIzPFvzky-WJnXiEeSloB31nMyzCMK-cMm1h0g06Rkgv5h4BY9odLjqLo3VAeEMn_P_UwVlZi_TuXrvvFulx2ORAKmVKSx9k1dlVZIhJ_kRczCuCOSb_SlsqysUvMtJNxB2-AAGbrM--rZ2NYnsDvE6F0JyMvaDgHc9RG_nUbj3nPhpzB7M2MFU&sai=AMfl-YRs2qyGLfdRWKiugUqs-f1IR5va0idpH3Zczb7_Ek6aDpr1367Nq5CkDd7mRXvYG4Z7ZjN26ywO3jiA8JqL-93cvTLYF2C8e7E3JA32GBvPZM-sMgQctS3Jwg-8bk1VJp9FJIS6p8ChDOQiO6c&sig=Cg0ArKJSzAaBpcw81DgPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame EB34 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame EB34 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB34 158 KB
48 KB 121ms
121ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:52 GMT

GET
H3 200 13499464092428685624
tpc.googlesyndication.com/simgad/ Frame EB34 57 KB
57 KB 10ms
10ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13499464092428685624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c33f05051f0fb9d350ee7ff81edc270ea95673e6a670b2641c5f50062813171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 18:46:58 GMT
x-content-type-options: nosniff
age: 225954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58086
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 18:28:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Feb 2024 18:46:58 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 186 KB
51 KB 26ms
25ms Script
application/javascript 2606:4700:e2::ac40:8608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/c26b31b3-e026-4f95-b46d-42a81eb00650.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c21c555767cc7534fbeeb7cffcbdabe1427c714fe961addf92a50c2242bdb7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:52 GMT
via: 1.1 1cea41348481b3edf706fcd9a48d6eea.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MAN51-P1
age: 6562
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Feb 2023 15:13:20 GMT
server: cloudflare
etag: W/"3255877cd62ee31402d4624df4e16c62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZM0FSL8148hEVx52mVqZ4S1qtDDTabhdcUsv7Zm1SsSxjQqz%2FYrO%2BTDDc%2B6f8ueREm%2FIMCBPcI4xV9IG6JbKo6pU1qtfakekSCOrP1innGLq058L9f2gwXv9x9o%2BVl9vM4%2Bp8RBNMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7a18a28eed7f3802-FRA
x-amz-cf-id: biIz2N0j9HLGH1bRZRZ-KKYNpJZ4YUmp2p9XscZTdPuv1CfjV3ycFw==

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame C32C 92 B
300 B 162ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 10:32:53 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC92 24 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
URL: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 07:42:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC92 158 KB
49 KB 64ms
64ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
URL: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
DATA 200
OK truncated
/ Frame 0AC3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24f2807b887cd00aaa52aa2315b451f370d21c40e11860e8052a62ed9e4b7b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 506A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90a8833372e286bdb7e9df0b8d21924efb71927ad6ce2369a6b50fb8bfd8bc64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9700 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0197768abb7d8a1a196ab2103a9dfc458abd81f8328c2d984c1a209772f05691

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 383B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2b0a4b54b040c7c9217c5cd43e863559cdefb6e2c6a9bba96cbb99d76d07b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F894 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b3768af6e45caa2a7e4f2c7efab2c74ed4390a5ebd73e473373a72db590ba89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AABA 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b2baeb728921ea55ffcbd67f3ff7e4e14fef464c03d3af230ba5336380fc895

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3807 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 197a358974f1171745c48139af359ad244e2b8724d7a719dc75916b0f8f44cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E552 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00a049b7c742b672786c920f5864bdb33adc0aa0ea9b6088ba2cdd50e1735464

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 prebid.js Show response
v3.denakop.com/ 270 KB
83 KB 34ms
34ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/prebid.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d881f91d620786db06755849ea5cc0a06163e406c1a98c80fd926d892ea27fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 20 Sep 2022 12:26:12 GMT
server: cloudflare
age: 5803
cf-polished: origSize=276416
etag: W/"6329b164-437c0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7a18a28f58a19b61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 15ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1908250670&t=pageview&_s=1&dl=https%3A%2F%2Fwww.portalt5.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20T5%20-%20%C3%9Altimas%20not%C3%ADcias%20da%20Para%C3%ADba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1347313777&gjid=1189599893&cid=112243227.1677749572&tid=UA-53443223-1&_gid=1462049325.1677749573&_r=1&_slc=1&gtm=45He32r0n815KG4VNH&z=1907138660

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portalt5.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
17ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1908250670&t=pageview&_s=1&dl=https%3A%2F%2Fwww.portalt5.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20T5%20-%20%C3%9Altimas%20not%C3%ADcias%20da%20Para%C3%ADba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAACAAI~&jid=824343353&gjid=543987540&cid=112243227.1677749572&tid=UA-66850008-1&_gid=1462049325.1677749573&_r=1&gtm=457e32r0&z=756610561

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portalt5.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 45ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LPD9BLVPLN&gtm=45je32r0&_p=1908250670&cid=112243227.1677749572&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677749573&sct=1&seg=0&dl=https%3A%2F%2Fwww.portalt5.com.br%2F&dt=Portal%20T5%20-%20%C3%9Altimas%20not%C3%ADcias%20da%20Para%C3%ADba&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPD9BLVPLN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9700 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqOjcLTutqbWpfG2KuQU9WGkuEIu5Y9RANZVpPKRxbCsw5GecGXcXNux7UkhEbFebx_youJwYj9FLzuGekga4vjwSnJkKSfjeTkZFU7oIMm486G31eIazFU3RMn_ndhOzVEqYSOPjW53ynOJ3N3sG-vq7ETiCmofydBWi37P39TRoflvI6LvH7uy1Y_4dyPLksZ0nKYtkWcyr6t3QdWnfKZQ6v31XYzxvGPbishTtEiaPVIY5v6EUPRO0AsD_QIbN_7x1n6TTYG9PyVeTa8lxiSnbfZQ5Jb0b7TxdX91jsRPnyQbyPeYd9AWD-GKYEncPPMzCIFLQXY3XqpWaJtG0&sai=AMfl-YRHt5ud-Zi4fviCgDT8eTc73y2MXgJF2FqWSAFG7Ze9_A4jJzsip1AhThnjyUutWg99lnVbhOZz9_qEC_jN_rO2YtcCL7Lp3nl8o7n7RuIpHcudLqcTrga1EIPPz5XbcKZ8tQRUm2vGj-ajpMo&sig=Cg0ArKJSzM93zYtfbs0_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AABA 0
0 54ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssynv4CqqAV0RINlG_sKTww7qebRbqxDm3gbvKaVA2k-XGbs8wEhn429Z0TOsGp2uXHqhFmgZ9hEqNS67KLzAZNkWJuRjwpt0Ujk8otGXn-BOJtwrx9zOWHanElGL4o2xx5an3Lp-qFyYFUYb88S7JBOONREFbpd1qRq4qFGjCMex7oDEz7iMTiIm4FpGlYWCc2ahYg-zCAENLCMPtAOOPwuwijhOsWhfra0LYTFK-5rnrksJtRy1CBw6aw5IxaBVpwMJQ4pSkv6nbUAQ7wURn9nLpP4rb3Yck-xNFI_TgFEsh05Q43B0_RhBpBwjAqtzp9hx7a4q0YRH4q3Uk9dSg&sai=AMfl-YTKHy9oeNStmHatGAKy86wn_iKWQWgnDz0B6AB-fCkUQIjijkKAJtd3WgDTSo7HQDEF5PBuHkbnXep_04gsV-7x6BMFQEEQVC9XjUQ4YTCNPWtgzx1RcvxTfG1VtJt8_Kp4tTz3Ag1cLnMi0EI&sig=Cg0ArKJSzOmZmGoOmi1OEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 43ms
10ms Script
application/javascript 13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:58:21 GMT
content-encoding: gzip
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 30876
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 7XBgxCjz-P5hXBulog97CokdqIIMrP9mu2zWuruwafENrcJic0BAmQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 42ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Mar 2023 09:32:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pf9AoHz266NaZbB0aNCg18kuQDWcua7hN9xgf1Z+NkWVOmVZsyBweZVp1dgAPt3qpDVnC8dWDGjk2QOfLRQjgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ Frame 82D0 360 KB
119 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4441741714620967&plah=www.portalt5.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

617fcbee381c6e4a0ef60c3c9e549d31b8ed234b561ae8befec09a32570390e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121304
x-xss-protection: 0
server: cafe
etag: 18394285455503568799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E552 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqk-eqbTxva-muPrWPmggL8ZhgynwA1K879AC-6SwdPQC-f7YJMdhZePRQG840E5aa9p6o8ayybC7HjzJZ4MOLfa323vYfjeOCt0K1_e5Mqn2ptejHZ3IAtC7F9j0DeJVWeGZZBzZd9aN957VS1uHAyEpSr0Qca6jT4UB5cLWN872q6aT5E6ipeiBsOfGKLgkl4b0kHJk-0rqiZpw2TsW5HJBRozkiaXgFuvGHp-8ZfY03wyTymcuGfi4IreCusxA_rNMSfiaQW3XJ6GVlslGcr0QVcRk6D-cWh1dbYX7AhaDsf0sOE2xQIvOP-6WWoVCpM784L5SVjqlEal3Mu9g&sai=AMfl-YTmBR5QBe8d6qz2soT7RA1aqXnrI9rv1NSwGJSNb55qOBQAPszzuV6-BiDU7lVgnQrnD-HBA3NxrqXZUQYMMTF-tIKg6iLVT_UFwMi-yfQ0pBYwT1llp0wyQUm1rfml6UnWDVj0-e2DnfIDo8M&sig=Cg0ArKJSzBZ0-Xx9bkm4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3807 0
0 55ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-skcq3UTMQ61pQ1ETpsIx0w7Sa6tc0dU0B10z-lz7jyRAkI5Gunwa6f469cI79V-5qNdB4iS6IjWhXrRtmR6jNR0xju1ynnA1A_oCCRTqRz9L3IjNQwVxyOH8Vl86ityiR66Ia30UkdOuAQolfOPqx2IPXobLxDtY-xoJmzfY8I79hK2MTqeL7b8cehbE7V_T49chQ8t2oKTEx6lrSxw4wo7N_2WQSsHW5FHFjQokwIW42e_7-kIkLser_i96zeHxPEakJHKMNwZHqnSDKjpZpnFEAxdUUEDg22N2kIgzSCUnNdTX7hmb9eqPYQpMfdTv37HZbtKsI66vCBWMbzM&sai=AMfl-YR5P_GGy_MY349C7j-hxxE9utRbxwIv3GJq2TvhG9UiCKiMT1SzwzjNEorDOPSPM96886QFxEjdLOfwE4uBVGbyswExJQVlbWUoGxR44RxN2GQACyf1n5xQBzlzWDitWBKozTIWQMAzlANENzM&sig=Cg0ArKJSzNESX0Hkao2YEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
DATA 200
OK truncated
/ Frame 82D0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a811c8baa39758b46dcc2da65e9445563166185e97bdbffa692c03206eeebe44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 383B 0
0 54ms
53ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYdQd_ttCrso0S4INMX_AdVVw9-BAmCNGmLjH1t-YjK6TcbyNDXlXfx3jP3nkMFvwPJD3Ux8RR8LUqDbMrRR1FRwyn9L_eXqLgdfk_DMHFSWwU5XV97uIffJpGo1_LQCpOHeOtMHPn_dHyTkWKkIa-pMpX1p3clq8icLcZVQyN6xbGOdXviicMvvVXA-RnIRT0zyFqcO5Koe62KcX3BoA76Ye6B2r1bZknXmXY2HKq9g8jp6a6--3Fa7R8-KarA1dwiDy4hYfaQRliTv9uYoKfD_PZlKO85jtKOmI7NP1oiHLxB50Ie3y2tP0EItEvtDoKCHQKSqghDBy7U6Zgv0o&sai=AMfl-YQ1297ZUzyaI07CrQHl1z2XSr4z3KPfACvFejHGMOmu6TnJRhdV4M2dAYE66hpgXCV5Zbyq0wRO7uMrjCAe_iEOfvaU2oapJcJeCoqIavqWe2DFcyzoAw0SmXySwzIV96RYXJWbT15NU7qiy6k&sig=Cg0ArKJSzPd1AANB9aW7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F894 0
0 54ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0wAJgQcS7IcnxALnphUyD80PzE-47wkjwnWD5UDBznoqU6xm9wacxZVr7aD8DGbjssomy6toH89mQoh5ucIDcwR-nJgq3QB6x_Uh01jAkp5pDZ0clZ56o_BNx2Njh7_Dyqlongvdn5FSWEV6SOkQ-fjPp_XJH8HLecK4xWnI1v8lNeOSF8o3GwrttNMr_tnztcf7B2sx5qT6Vcv-rYYjUHy64XubKxDptP6zTk7x_xlDlBB8uD9wWtpT-rR6Vvq_Ewn5Ge88hVm8Oand_LHP675MM8LO1jCdZc-KqWI0md2Mz4Ff8j22WL8HLM4otbIPnvWSusG3olVjAeUi8pFCURHfpFEnSTOf1Q-k&sai=AMfl-YSq17Sn5cquwzj4UWBbk-WmwIFwRaHP9dtbdyaHN3YL82nUaPuePOTa2iVbhoOFNHDVHtk1Ne_Q2ty9R2uEaAd7f5sfW3hhra85v5fpDucKuHwKUyeWCwStocwYMiJ_MyutIDfdHjac18uAaqE&sig=Cg0ArKJSzO7yRG9FivMUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB34 0
0 57ms
57ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssH-elYIBe6T0-pyzZ6yXBUQpXqjknfGRKGn335f9WHrcF2fnvzZ-EPqPqbVKdwvPtAo-yHAOWY1Xt2WrNUOe7wGG6T2MW-7sQtXKsLPZ1L5L1jSNrJbOT9LAgLsqHXJSiRCeNu8v-mWX1QrDRbbY7wPl3IpJzbu0FXv5Wfk5wyX7ioKOx90fdl4Wx-kc1CqNxrtAfEU9Aq3IsXXG--58oLtdiUVlsUOekFoZ5ol8Q5RJkZQTY3Cj9A46iOo8ARfa2qjfvU7VgFjuDsf2BXPIAImdnCrV1usTFNwP78iMpBVXIdzRa-CywC2vQzc4gHVKed7kjvsHDGYMPhnqExnItwfM-21g&sai=AMfl-YQxXEz3eL5avUkWysZZbobGsxcoILzf-1ANcmL2QBRHNfb8vj3NxHdz4_o-gHd39dT7ysmOYrz562LN2x6cW2hM1ePw9WNAaAS59p5NxYI_PBVO-VYQvJxJfNUkRJ4I9l_pG1zdW71Pa7IZxBE&sig=Cg0ArKJSzIblQSPZ8M7OEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AC3 0
0 58ms
57ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjImABC5yOahifKpqgDkKpjGo5P0aP9VRiqmxgdVrJrCatVnDPLJC8w-OP-nWFZXsZzv5gBYNYKVd2tTGKhkbS4ikcK4FXX1fTFPFmK71S5f4WpOaz4genz6OQ4YCGEK-PWHuCOtM7aslG1NyYF1QUhhsfgLWAkGYzbKYLrFXr00B42GxBVGvpXi7M4zbz2B9xSxq7GXRByQ2g9McOZARdiVWQDdym0NMFJVI5l1ZNQIKgjU1XwaW-QshB-T4UPBTg0_MtMa-gveHm6gWofUyX-T2Eb_ihnTV8Cv6HqtRJ-4nloL1vBhai5ZMDR-bPpa23dLugvgotY0PCPGzTLw&sai=AMfl-YT48Jf3oJklmiP2CTDqHDoQLySpHVHSOPhI7ksYfH0WkcYZl0g5HvSeJ4AOGwlnLPpvKp42hyxjKtrmNrulXHfeXZW35505uOo5ENAP29IMzFJCr00PnxWlbD9hTdCj1LjmPxxpfizV8H_5WOc&sig=Cg0ArKJSzJwNiiS_iYBQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 506A 0
0 55ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqzoWp94Hm06PtIeLgF2XKIOZlGR9aaKe_6hZ2lBNpQyu3-m1n0x1BPChGa1nXhFLqBgbIZhlFSUQZabCniwVmLPRuxU-RByUkWfvdDDezYqiusjpQoCZlbtZmEGiF4a9DbPw_-LCv0ovxoUgUFbHyKQc7HfZm-EmJhdAX9_FLKY31BVPxZivEpDJkK3v-Hf80DzVT8vo4qm5eqBeezemdSwu049_Wvg3qClg5cXxizyfzugp06lNMGIwXtSzPQRQpx2bWDY7JfL9B0FXuQCadVgJi0lKeb-fjx7Lp9xatilKKbidwqacVoI__1oJ-JCptTHNyk-Uvq9KiV4yzCQc&sai=AMfl-YQ6jjwvA2jEqdLSxsMi9wVkypVFv78FSkCcOnilklVFTMJNte7N4IqJ7V6ODYgaYl5q8zXD8xwW1EleE20JZA-zbp8_8o_HJhJjbjuLe9mNin9OS4YjkkFCVW-wLCFTEjjLrQH9sX2WBkHB6bc&sig=Cg0ArKJSzJWvKUVU4afwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7584 0
0 53ms
53ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5U2tdiZ7fuW79l_bSsSuEkmZkQIXSf5IGyf04j4C8kOeXiLBcYM1TShyV6J1fE9EhwBtYqwCpj6_uQbMQme47jYgqsQg1DBwPw_2TSVOmuVFqw3hc9xYjCADtp0qegVPBd9_mCq790rDLGnhIHtK5q0CcTJYBny7cV5NLG4eMzBmouZMbCYChITboeW7kshlpqdUld2RdHdyT65VAVz2FtQv5F6KdTRGaqr1rXkNrpKK-cO9dP_kuV0-p8a8EwK6Vk3kh8j-g-DKO4yXTMqgxVlEJ-Ktblk-wKlFWonXbbui6HERWrBppI0NYhQZju31nx7W-B9N0IAqd8lmkMc6rNSsT9Q&sai=AMfl-YS7Tj_SF8WQSZG42POLmivnrIgi3_lL-ZiGKR6hXFUSx8J-_6MvV8_qMwSE0hX_vKXfTLr-GIOoQ8RBRiquEtSsggfdrRJxXwb2R4XV8Na_qPnM3lVD9ZEsKA-pRgJLAcIHh6v7Q28KPs4dt7Q&sig=Cg0ArKJSzOQNdJEHk3QiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:53 GMT

POST
H2 200 / Show response
www.portalt5.com.br/sbbi/ Frame 75C2 532 B
496 B 31ms
31ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf&sbbgs=h4da341fcdf72064e33ee1a4fff119519b40&ddl=2
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.portalt5.com.br
Referer: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf&sbbgs=h4da341fcdf72064e33ee1a4fff119519b40&ddl=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:53 GMT
server: fbs
x-accel-expires: 0
x-hw: 1677749573.cds317.fr8.hn,1677749573.cds107.fr8.sc,1677749573.waf1-node03-fra02.stackpath.systems.-.i,1677749573.cds107.fr8.p

GET
H2 200 c26b31b3-e026-4f95-b46d-42a81eb00650.json Show response
osp-assets.pn.vg/ 119 KB
15 KB 51ms
16ms Fetch
application/json 2606:4700:e2::ac40:8608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/c26b31b3-e026-4f95-b46d-42a81eb00650.json
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc41234f689da2d224cb6ec76fedbfa439e24edbcdfffde91e7c2084a4bbaabd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z703Y1NPXPNDQSRG
age: 1945688
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0BL3WZqffy1t7q5YUYcGQx9LHcLTSPrTVQV/3u5krl6t9WjKL8nQDSXP+96jEZETMUray5losZ8=
last-modified: Mon, 07 Nov 2022 14:14:05 GMT
server: cloudflare
etag: W/"f64f1fdd3e1956981f30b933b868c09a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqM8bnsHnl5LznlU0gtpFqbt54%2FbWka0Fc5X6zion5QRCHM9yvlpEiwTmy6QsDIZ%2Bxq2biCLu0MhCH9dpyCcpMudoE7Q9E%2BPU123noB9KgIxA%2Bt4vSIF%2FyMuQT7Ek%2FiGgn2BDk7zayUuTpqh%2B4rm"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7a18a291ef419072-FRA

GET
H2 200 pushnews-sw.js Show response
www.portalt5.com.br/ 62 B
340 B 913ms
913ms XHR
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portalt5.com.br/pushnews-sw.js

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

X-MOD-SBB-CTYPE: xhr
Referer: https://www.portalt5.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-origin: web
strict-transport-security: max-age=31536000; includeSubDomains
age: 25
grace: none
x-cache: HIT
x-app: portalt5_node2.portalt5_portal #0
x-cache-time: Thu, 02 Mar 2023 09:32:54 GMT
content-length: 82
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Dec 2020 00:05:45 GMT
server: fbs
etag: W/"5fd7fdd9-3e"
x-frame-options: SAMEORIGIN, DENY
x-hw: 1677749573.cds317.fr8.hn,1677749573.cds017.fr8.sc,1677749574.cds017.fr8.pr
content-type: application/javascript; charset=utf-8
x-varnish: 1623213 142206
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=120, s-maxage=120
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 34 KB
9 KB 15ms
14ms Script
application/javascript 2606:4700:e2::ac40:8608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f92720e61715901ec68eeaaa92f3148a175054370df656992613b05b51520bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
age: 5587
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 13:28:54 GMT
server: cloudflare
etag: W/"f6232fba8e67cfd7c188639053936b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Ftltqm5JnEJ90f0Uq%2BZbnVBKNyc72h400lhpjXli8a9%2BnQ6k3Oh7xo%2FMvJeZtx%2FU3ThzBOpGQWBDgCbuPguuEcPO6RaVJnbaDZXTiWEhpb%2FMGuHgS2WY4FYbbAoK50rtMVZq92Ha9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7a18a2977d8c3668-FRA
x-amz-cf-id: l9NdAvIe9qb40wezZGgL5DhhEumJpTdbQI-booE24BkDcQHs1zs_dQ==

GET
H2 200 header-partner-no-sticky-red.html Show response
files.metropoles.com/header-partner/ 10 KB
10 KB 382ms
25ms Fetch
text/html 185.76.9.107
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files.metropoles.com/header-partner/header-partner-no-sticky-red.html
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.9.107 Stockholm, Sweden, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-9-107.azioncdn.net
Software: UploadServer /
Resource Hash: ebfca2871cee0db06c7fd43d32983c0a7562f3d1183ad148b36bf6357f4e14c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
age: 0
x-guploader-uploadid: ADPycdvFZblkInfZnHk5Wxr3HQHB9JiojhyzgtmXs6SVw2yjnhqSVB4FGFmOmjIZ0441Yc9IEbYDRNYaUSsb3VSFa-fPvwgBaf78
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9974
last-modified: Tue, 27 Jul 2021 21:21:59 GMT
server: UploadServer
etag: "17e644732fe108a22c2acb7d1ab31f11"
x-goog-generation: 1627420919605744
content-type: text/html
access-control-allow-origin: *
x-goog-hash: crc32c=IJsDwQ==, md5=F+ZEcy/hCKIsKst9GrMfEQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=2330060
access-control-allow-credentials: true
x-goog-stored-content-length: 9974
accept-ranges: bytes
expires: Wed, 29 Mar 2023 08:47:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC92 0
0 57ms
57ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuXWJ6_Mwit_G95uhJiwdDUlu91Fx_I4XD7oWgeX_7V1vN4A9ikjqSnTgv7DybvOlC0MpZHBl9m0lKMqnwPnUTnrgYDxzdi5X-mfvThH5wY_BkyKKO4SbRPPH_Uk7gcBabFiBlan_nYTyJF0YmYGyB58VMoi66I7UF2LssRHk736rDJ_lw6bFIgEMxjPougpyAhBJ7h4cAXJrFrYsrwes40x2yLUaF6oUzEFrvbOtfrshYiOi9emwcbRiE6CaG_z7l_P6jCHU5DFqWhhY_bT4qSZcIoTP16qEjHTtrzKa8kTda0oVXKRA2v8_m8H_l6zBt6HtX9AFTPHO7AXeXLLPb9g&sai=AMfl-YTqC8CkQJrQNC2KYHY4U8KJ8JWFZg4MXKta56dQJbjERdXGqEEJuG3OTxLumTmGRehMMP5wfwqxBRT58bncpNMkIivGmFuKkc0EX0QnJYakiUXFNJCXj9PQ8IKhkCl42omCnfSA3iK3HiNTPYs&sig=Cg0ArKJSzMeay1U5abY4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
URL: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ;ID=181570;size=728x90;setID=481283;type=js;sw=1600;sh=1200;spr=1;kw=;pid=4680949;place=0;rnd=4680949;click=CLICK_MACRO_PLACEHOLDER Show response
ads.metrike.link/adserve/ Frame CC92 2 KB
942 B 238ms
26ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.metrike.link/adserve/;ID=181570;size=728x90;setID=481283;type=js;sw=1600;sh=1200;spr=1;kw=;pid=4680949;place=0;rnd=4680949;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
URL: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

0363ae7e6f5455379d350bcab72185f8d4e8dffea6c890a74470a480010f3d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 108ms
53ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-53443223-1&cid=112243227.1677749572&jid=1347313777&gjid=1189599893&_gid=1462049325.1677749573&_u=YAhAAEAAAAAAACAAI~&z=1998566338

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portalt5.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 128ms
74ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-66850008-1&cid=112243227.1677749572&jid=824343353&gjid=543987540&_gid=1462049325.1677749573&_u=aAjAAUABAAAAACAAI~&z=729096052

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portalt5.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.portalt5.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AC3 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAToXvZ0v_RdVqgSvY-a978UTKZ29uQYBcUKhzP-Ysh5LO8RS2_JU1nbeGYofiOHQQL-P7PiO670LIMzXEwuDIffjcW3EJxnXm_5BOo8YaFzFlHOtD&sig=Cg0ArKJSzPY5D-wO7whWEAE&id=lidar2&mcvt=1134&p=276,436,366,1164&mtos=1134,1134,1134,1134,1134&tos=1134,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=117359128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677749572635&rpt=654&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 82D0 219 B
556 B 93ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.portalt5.com.br&callback=_gfp_s_&client=ca-pub-4441741714620967&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4441741714620967&plah=www.portalt5.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f262dc787536f9d585a20f9f4d6855f9c6d154e4109b7b9c7105a2e40a333c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 82D0 107 B
165 B 42ms
41ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.portalt5.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 82D0 107 B
165 B 224ms
224ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.portalt5.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F01 21 KB
9 KB 226ms
225ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87492e6ed237c1c8f435add674e7298ecf315e6ef5a4d4223b9d8aeaa9a0f78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 9634
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 11ms
10ms Image
text/plain 13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20966896&cs_it=b3&cv=3.8.0.210223&ns__t=1677749574505&ns_c=UTF-8&c7=https%3A%2F%2Fwww.portalt5.com.br%2F&c8=Portal%20T5%20-%20%C3%9Altimas%20not%C3%ADcias%20da%20Para%C3%ADba&c9=
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:54 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fO9f_oKBNRH0LUp8-yZ60kGgA9_pwn0c7BnDa8Hp8uHwemzPmzXVUQ==
x-cache: Miss from cloudfront

GET
H2 200 175667669769771 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/175667669769771?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a744eb47670bdb8ec23c65f0c0485a1bb64b2af198943e98eec88c871dbd516a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Mar 2023 09:32:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tah3I1W7QHxsmimy3z2bdY8MHEvWW+fhemNxETMiYoTrC43LI96yWB9L3Z+cLWEScMiWOv6nfaAEv5rkcsR3gQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 117ms
54ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53443223-1&cid=112243227.1677749572&jid=1347313777&_u=YAhAAEAAAAAAACAAI~&z=1871410108

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 40ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53443223-1&cid=112243227.1677749572&jid=1347313777&_u=YAhAAEAAAAAAACAAI~&z=1871410108

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/ 474 B
604 B 430ms
104ms XHR
application/json 40.121.178.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.121.178.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aae3ef1d78104d02218710c0c9a10e109c3ccf5d36ad4a0123181c60e8b78dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 59ms
56ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-66850008-1&cid=112243227.1677749572&jid=824343353&_u=aAjAAUABAAAAACAAI~&z=2098083051

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-66850008-1&cid=112243227.1677749572&jid=824343353&_u=aAjAAUABAAAAACAAI~&z=2098083051

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.portalt5.com.br/sbbi/ Frame 75C2 25 KB
11 KB 39ms
38ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 58707a3255f4b08c1300e12013e6d3abef7abe63490e3c77762d80d6515967eb

Request headers

Referer: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf&sbbgs=h4da341fcdf72064e33ee1a4fff119519b40&ddl=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:55 GMT
server: fbs
x-accel-expires: 0
x-hw: 1677749574.cds317.fr8.hn,1677749574.cds156.fr8.sc,1677749575.cdn2-redis01-fra1.stackpath.systems.-.i,1677749575.cds156.fr8.p

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F01 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AN_MWX-dMzK_Q_AbaD8V_NaxihmWMWuIS6bQJEpGEYD51i1a6H5RVMThwda6VEURqCUvxn_7kDeXUJp50z1IKUu9jmkfNwut63ZI8AHrbILoECYtY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F01 0
20 B 52ms
51ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8588587203090336489&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F01 78 KB
27 KB 101ms
100ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7F01 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 07:53:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7F01 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:41:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7F01 0
0 43ms
42ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnhAJm2tCRyK9O5gaad3GdPLcNvueZpDZAgncer8Mnb8SnObP87PgsBU3mPdjtEvY0QtbovoiqCx6ApUAVJIArwEnfDw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F01 158 KB
48 KB 105ms
104ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H2 200 index.html Show response
ads.metrike.link/creative-181570-3749666/728x90/ Frame CD76 1 KB
2 KB 15ms
15ms Document
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.metrike.link/creative-181570-3749666/728x90/index.html?clickTag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&clicktag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_location=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_zone_id=481283&__ab_zone_name=728X90%20-%20ALPB&__ab_publisher_id=98937&__ab_publisher_name=T5&__ab_campaign_id=737509&__ab_campaign_name=ALPB%20%7C%20ESSA%20CASA%20%C3%89%20SUA&__ab_advertiser_id=156990&__ab_advertiser_name=ALPB&__ab_banner_id=520934091&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by: Host: ads.metrike.link
URL: https://ads.metrike.link/adserve/;ID=181570;size=728x90;setID=481283;type=js;sw=1600;sh=1200;spr=1;kw=;pid=4680949;place=0;rnd=4680949;click=CLICK_MACRO_PLACEHOLDER
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 4dd4d788c8228ac14c9469de698a95eabf9b86b9bf028a3f91a1e729757e6403

Request headers

Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
cache-control: max-age=31536000
content-disposition: inline; filename=index.html
content-length: 1380
content-type: text/html
date: Thu, 02 Mar 2023 09:32:55 GMT
expires: Fri, 01 Mar 2024 01:32:55 PST
server: nginx

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C2CA 624 B
242 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPvdIPZOFuXxmMC5LcHIyUX0SmzEApSZTW-AOrEA8TDdbC0czk6oicyMFsCBbJ-FIXnuBgw9ALA4BqofL9k7LCeaLGsYPaKmZYy0wqPEdC631KK5H0imM9afz7hBEht4coNd0BiUeGno-tTk87buPuc5HIX2EKvh_pvZ0b9itApt7gNIY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC92 0
0 54ms
54ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueJgLMlmf6w6kJBq-na66qWbtuCf9Vz_lMjnSl4fiQ9sX_H5COwDGhIOddOCAh31-eKFtwVtrNPxOSuEy2r_SmEP6NDvvCA7mmRTfbMs1im1tsJUZhRX_z4mGmUqRoWdnL7RbiPRemgY_YWdABC0fckqTRLmSeS9DB7H7Wg_swnEZgu-bdjYNbjO6zvTpzvBW_02FFTEX_T5kIN_IgZ9AAHV46_SWEzedJc04B6y8FP6dSrkC1mBx-H3JAftBwPYLSq6mEcG1_6LeOz4x4kMjjatISp9sEvd2SUYHN2kcbqEy0UcEkYzTrg7NdPzy_BS4IU7bIzaXYw0H_vfnx9ktpuDOc&sai=AMfl-YRDyN-tUHiCIXYy8321n4Ir96uqDNh66R-e6-koU5dVdKQRirB4FhdMCxHtPl4_aW_dwvAP5Rd6FmGLfZxcxqT5hzfYiyCIIiL4P3HCab_Qjl6NNlLGgiEiFk07SdVyDWHmVm5HEQYfJZFr3FA&sig=Cg0ArKJSzAc-CX46RlufEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET

/
www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css/
Redirect Chain

https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css
https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css/

0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 52ms
10ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175667669769771&ev=PageView&dl=https%3A%2F%2Fwww.portalt5.com.br%2F&rl=&if=false&ts=1677749575029&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1677749575029.1294204237&it=1677749574512&coo=false&rqm=GET

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Mar 2023 09:32:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame CC92 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c18ca1c3fe936337de7d08a48e36283e6df2122ab193f060e85dd249c69e0093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 728x90.gif
ads.metrike.link/creative-181570-3749666/728x90/images/ Frame CD76 62 KB
62 KB 9ms
8ms Image
image/gif 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.metrike.link/creative-181570-3749666/728x90/images/728x90.gif
Requested by: Host: ads.metrike.link
URL: https://ads.metrike.link/creative-181570-3749666/728x90/index.html?clickTag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&clicktag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_location=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_zone_id=481283&__ab_zone_name=728X90%20-%20ALPB&__ab_publisher_id=98937&__ab_publisher_name=T5&__ab_campaign_id=737509&__ab_campaign_name=ALPB%20%7C%20ESSA%20CASA%20%C3%89%20SUA&__ab_advertiser_id=156990&__ab_advertiser_name=ALPB&__ab_banner_id=520934091&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: b04d81950f3e0e5d80912cd98ab15b9e79ac7d01402806dabcbffd95ca1da6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.metrike.link/creative-181570-3749666/728x90/index.html?clickTag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&clicktag=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_location=https%3A%2F%2Fads.metrike.link%2Fredirect.spark%3FMID%3D181570%26plid%3D2013947%26setID%3D481283%26channelID%3D0%26CID%3D737509%26banID%3D520934091%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D728x90%26mt%3D1677749574604676%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttps%253A%252F%252Faf092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com%252F%26hc%3D121282b517d56e1df22596142265a6002bbd4096%26location%3D&__ab_zone_id=481283&__ab_zone_name=728X90%20-%20ALPB&__ab_publisher_id=98937&__ab_publisher_name=T5&__ab_campaign_id=737509&__ab_campaign_name=ALPB%20%7C%20ESSA%20CASA%20%C3%89%20SUA&__ab_advertiser_id=156990&__ab_advertiser_name=ALPB&__ab_banner_id=520934091&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
last-modified: Fri, 10 Feb 2023 20:32:35 GMT
server: nginx
etag: "63e6a9e3-f710"
content-type: image/gif
access-control-allow-origin: https://ads.metrike.link
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="728x90.gif"
accept-ranges: bytes
content-length: 63248
expires: Fri, 01 Mar 2024 01:32:55 PST

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C2CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1

43 B
766 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPvdIPZOFuXxmMC5LcHIyUX0SmzEApSZTW-AOrEA8TDdbC0czk6oicyMFsCBbJ-FIXnuBgw9ALA4BqofL9k7LCeaLGsYPaKmZYy0wqPEdC631KK5H0imM9afz7hBEht4coNd0BiUeGno-tTk87buPuc5HIX2EKvh_pvZ0b9itApt7gNIY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:32:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C2CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABtR6x-N0jVXl.TjYLPFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1&google_hm=2

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPvdIPZOFuXxmMC5LcHIyUX0SmzEApSZTW-AOrEA8TDdbC0czk6oicyMFsCBbJ-FIXnuBgw9ALA4BqofL9k7LCeaLGsYPaKmZYy0wqPEdC631KK5H0imM9afz7hBEht4coNd0BiUeGno-tTk87buPuc5HIX2EKvh_pvZ0b9itApt7gNIY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:32:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_1NTupOEGiaRZzZxfHLvA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C2CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFu9go5uL18rQkz6yTSXWM8&google_cver=1

43 B
1 KB

18ms
16ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFu9go5uL18rQkz6yTSXWM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPvdIPZOFuXxmMC5LcHIyUX0SmzEApSZTW-AOrEA8TDdbC0czk6oicyMFsCBbJ-FIXnuBgw9ALA4BqofL9k7LCeaLGsYPaKmZYy0wqPEdC631KK5H0imM9afz7hBEht4coNd0BiUeGno-tTk87buPuc5HIX2EKvh_pvZ0b9itApt7gNIY

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:32:55 GMT
AN-X-Request-Uuid: 67932ef0-9e2d-4ddc-bb9e-ee9cd2203e2a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFu9go5uL18rQkz6yTSXWM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C2CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D

170 B
243 B

45ms
45ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 013476b0-e7ea-4ac8-a038-a5fff6be9422
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F01 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4689393877437&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F01 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4689393877437&version=m202301230201&ct=77&x=1&cor=8588587203090337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F01 15 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqVw5VlwuLVWpFsPLMR27eV5gYNdFtxuVEM9z0eHM2sERQ-yyZq0B5v9N3dzbjGmH33cxb6ekbeReZgIYR_oTpKYQokPeF8OTQWeW1ckW0eBmIreZdE9QLqwvvk68qXZbdezxS3Atcz-T1BiOHjjdBALR2ewrkiJKUdFF6MTD1Fy5T3bE&cry=1&dbm_d=AKAmf-DBi49l1KW6DXfP1rnlR7DY5JjORkP0QCw0LVIp1rDfjtxCrNn95ATHiPBEA_0zjdt_ptX1nCjQyT-Lvmv4bdyseLGrOvwhjHjccQL-86GgV3QeSdVWYP4GKxcteI97xjYkCZfoJSJKMNMEO-KQP_jgg_H0icliVkwLootN2Yr1-3GHhCwifO0JPXc8tArBmEAK1n_ndSydXUfKeiqD8hO-Ef3sENuQ1FMgxZW4cE0n2L5-7DJoTxTG9QlMNSrFbnBwQkLcchR7TxR76TIX918yN2DitDYj5Xq2QivMaHvJ1JK5puIrUF89GyuHpK2ZACa0c8GB0zjcT-GwkhyidP1QXz4wku_5Rm12h3isPm6y0vBiFmivLmKwrasGuX1c-PAugATMdRhiTGXlCQJXLz8_mzpbdNJTMqH8l0KNEHoSu5eLRJl4BBqFb8LrwOq-bg5Af-IPt7xhCYx2YFdLdFuOTHw16rmT1ltUjLiiAk9KPtH1HHM83tugx7vfI9ca8RHuR8PWBYi7sWUWbxHiwEZa0rVftxOW9Tao1bBirFKfs8u78swu7AsKI28hXrBSvndncASutWQLGQd3lSBi_IqD_qE20i7atU3m9KBsLM5RN15JV_eXnf3jJVYqXN8sIM0o8dwtiB0R193AgvBtX5O0YXLiZ-Nt8wQArwpiXHkyNREZ3HtIMIcnuxjs37OU2QuzxcWrqyer57-Jq1ZY-UdVvtiIkXCbmUaaFrkrdKrL1ZTGVFmBJoulEhocgPWRXUaVGe7BmmSADw5nz6FwALAMg0aEk1mJEV6sHmCHNV3fIJAN6mIlm7WATMDw_1UYXZ7NKZCJvmeKnEQXn_tGVFv2vcsvC2JSYbnEOjZAXSdT_27DjCAzzNDuv-Wf1kBFsuPk0EeH806yBbsWtLL5yAt895GIb42bmZwGzGhwTRlkJydfDSETaBTMmp1RtJflbUWsm0fvoYe9nYsCICe_vQxNacFasAp_PstkXQZ6RnbsYzj0Slcf36GyjH9hy7_D9O6qWvBIqrj5l2KO4U_5HScuF5vSGcJ0MLEM-ROrkPkXu2J8Yi2UQR0Td7nUQZlV1ZpGwiC6x_ANKT7yTUU9BDvAimywIUhw4o3GPB_eQmoVF2OUGyX9nsI5jrDZcDptsYmhC8zIE5yxYZsoeROB63ylZzJvT1tY1N4FJyGGVibJqvmVHiPOu2kB_kqlWWCmzu85xYcAY_4B6Sxi0-XG99eBY6cg6_EOpZ9AyzGxPSzS9nL5OWSgdgceBrXaRvdUOuMCElIxeYAfQ631iTef9-hGpP8tbuwppQHAFxRdRvzjmHZm_Q5sBfnMJyov8EaEZw1iCw-NYep3VvJqtWq70GvgohhBOn5osB52Wv6c3rujzoDf-Uku88BXUumVjx3Ii7_52rb5dL0JLvzBE_CRxsovZAvsjcq7l6c1oDLI2iocCWnhM3-hhXOz3vTqAW9WsUSr_tGfZcMzDtyvWN8V0HsWQbJVJDQRww8BzeLwnvPGBV1lM1ah7mwsI73qNWRyz4FwwOtQUqYuVw8QQy40TDZi67UEBw5L7brxwWfDY39Al2d4XBsne5hcXaI6GV7pVvbdWvksUv2KPPuvfZNhngtCHZQaK37Molmheta8Ts-K5HcTljryU6q1qRMx8k_xuukBHS_HYkMblHxy5qWrYVD7aZkHgo-_z_RxTcVJGfJAqCzzEXfKs-wLNHXJZHBb0GnYKOjgaV6k_gxlZtftHXol9nm4k4HNoSxRDF9xQrNRTs5BdQdpJzMT2z4Udsj-Ib-CY7Ov1rlndIJUjz-Y8w-UT_yR4wjdxKiJHgnig9gUXSkmlYoav3o0-nn92nlJhZKmi8lDmyZlgK-2O78-E_mFuXZ3TGMrCDRf_ZB0L7tghy4tsNFeDEZBfCGp1bMvYYUli2e5i1sRrXnpepk8RPSruY4H5UyRWGqd58psCgzUrc_ymHjzy6nVSbRYBaodmg6asjX-5VeiULgGeJUwSFdXCrswylyiMEml4J8RcdT7yb-3krKIaUT11i1vgpKwoDRzKvpSZEhodYQ0Yd6LwYMJB69FOj6h6BzWndN_Mud4ewbPwCWgONslDo6lY7-7OmYqsopf05qhvxh-MXQGez1JHunNeyAl3L7vpfuz-NJfF-2dEVXOK753aDYnAtvj33vYnyh2ivHO_QhahIwUybvaeDl0KL5Ijx5VThb4oMiQlAmzIOxpCShkeDWkMydZSr0Hu_eK9evJ_Jwx8jQSgCSx7zXKm7RGXRI419S8FK78bHipAzBDKVunMANDgzYmYHZ-OhgQPBTQmVULotydheACzQCi7Z5guDZCc-oLc7A2KrkIdSk0w7o9qRULu_pbASt3vn4oG4bqtPIX0FrH9_zsLLAc2voWBZKmAjKpax1WX9TF-f_WS0qo0t1u6iwX2eBt5sp5lg5PE5XCK6zWWkGWOvVkY9U2tiUuNF9FRwZXfClQmu5vzkL8YRZq-ZEtRy7LKwokAXGkHHlL4nLmXDxq1SUWqLX0p09gzpmJseL-zej1dfZvhMHXZ3jj3wXkNtua59x2iJF9YuR0uQOGiXh9rY-M4G23BpEv0gmvxH_Wd_D9rxeGfBOMPXaDPTWWdNh3QlW1QvXCbY39LZQ5EaJq-pSCqNP8Wvko0muhzDWTHrAZEWfa86LVyvx3nbUYsugjNsNFaWZz4D-Zn4wYAqLLlSwA4qjGvt7IWt71B2UD9vwBrSlvFoaKOTxZI4pV4dH7jDQ5Bg6HDn-hblfKq3dKHjQO5384CEPkvc9yvd3vkW-RfYumPgGv9yMr15uNsty7r4SCL9we2mFb7Z5JpeUNOL6avPutguFHECoJIIlFfI__UVoENl0pS1z7l5UsOwogw9StN7IM4uWpa1ltSIEQGeqLJjkeOfwsXnv622PsPC77GElkzeTC6lnG5Sjw1su_dZNbgdJnzirKpYkoPPygdRw8wFrMzAeIiFmtsvRO9KaNCykYhNY9popWWHYYxQ0-_GU51I_kzh2puIbEFLgxkFN-BiaSezzpXVD3PH0T-oyRXDGQMOSUGEYmZjp57N2f6AYoZuEX8FHfY5KUrRtA7eAooNHj2_qM_NW9uysTIOBrNeeqgnN6d-USU_-sY2Ph6dF1WxHTlA-oaUPspHAs83QTPFOPtDYjaxaAlZt5BAFhX32QNb-MYKJye304G-bSLT10M-CdTGtWseIpnmwL3ofQY77AP9c7RAokIw81m0IaojLnLYSTRmroegyI-OIOb9SRC7qoDt4SQQ1A_YR5nJSq3ryBaELOZ84Z_-XXC84o7sg9S_ToPr7Pa_dcMuC-4EHIir-zAksnAXvW7-rj9-J5OpYfGkD09a7wT1uaD8J6_NIiWG9-OSpHqod4WayJDOvEAZIioiHqGq5jo4hx8wWyJOEYCZepPhdqbuHfBhoz69mUMF0toQU2Lgj0XVBhGdW2u_2mkmqozIg_lAuI_N0Kbg5-5u1qy3xa8laCCryyhrGPL685M4VJcGcqcKLGdy98I4vaRYZy3oLifWOhs5geMrYtTjhwr2FuATO-RXUfcOrWmxJAKqeNbPfQ_8sUM2B3lfZjtN-PO6P9mzg4ZXGqy8gf9ny1YM7T1WUsZ_rqIPhe-zY2WdGvAFam5GC_2IRnlQdTMP0pRMPAqsHfdpkHGuBQRAlYcwl1b4GW3-2H4nDx2VDg69JOGQcAI6Xa7WbN&cid=CAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.portalt5.com.br&ds=l&xdt=1&iif=1&cor=8588587203090337000&adk=1405019969&idt=116&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3b163defbc983dd88e03720ee833c2b37ba38d2b95b90f4f3b87c8e09d36c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F01 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqVw5VlwuLVWpFsPLMR27eV5gYNdFtxuVEM9z0eHM2sERQ-yyZq0B5v9N3dzbjGmH33cxb6ekbeReZgIYR_oTpKYQokPeF8OTQWeW1ckW0eBmIreZdE9QLqwvvk68qXZbdezxS3Atcz-T1BiOHjjdBALR2ewrkiJKUdFF6MTD1Fy5T3bE&cry=1&dbm_d=AKAmf-DBi49l1KW6DXfP1rnlR7DY5JjORkP0QCw0LVIp1rDfjtxCrNn95ATHiPBEA_0zjdt_ptX1nCjQyT-Lvmv4bdyseLGrOvwhjHjccQL-86GgV3QeSdVWYP4GKxcteI97xjYkCZfoJSJKMNMEO-KQP_jgg_H0icliVkwLootN2Yr1-3GHhCwifO0JPXc8tArBmEAK1n_ndSydXUfKeiqD8hO-Ef3sENuQ1FMgxZW4cE0n2L5-7DJoTxTG9QlMNSrFbnBwQkLcchR7TxR76TIX918yN2DitDYj5Xq2QivMaHvJ1JK5puIrUF89GyuHpK2ZACa0c8GB0zjcT-GwkhyidP1QXz4wku_5Rm12h3isPm6y0vBiFmivLmKwrasGuX1c-PAugATMdRhiTGXlCQJXLz8_mzpbdNJTMqH8l0KNEHoSu5eLRJl4BBqFb8LrwOq-bg5Af-IPt7xhCYx2YFdLdFuOTHw16rmT1ltUjLiiAk9KPtH1HHM83tugx7vfI9ca8RHuR8PWBYi7sWUWbxHiwEZa0rVftxOW9Tao1bBirFKfs8u78swu7AsKI28hXrBSvndncASutWQLGQd3lSBi_IqD_qE20i7atU3m9KBsLM5RN15JV_eXnf3jJVYqXN8sIM0o8dwtiB0R193AgvBtX5O0YXLiZ-Nt8wQArwpiXHkyNREZ3HtIMIcnuxjs37OU2QuzxcWrqyer57-Jq1ZY-UdVvtiIkXCbmUaaFrkrdKrL1ZTGVFmBJoulEhocgPWRXUaVGe7BmmSADw5nz6FwALAMg0aEk1mJEV6sHmCHNV3fIJAN6mIlm7WATMDw_1UYXZ7NKZCJvmeKnEQXn_tGVFv2vcsvC2JSYbnEOjZAXSdT_27DjCAzzNDuv-Wf1kBFsuPk0EeH806yBbsWtLL5yAt895GIb42bmZwGzGhwTRlkJydfDSETaBTMmp1RtJflbUWsm0fvoYe9nYsCICe_vQxNacFasAp_PstkXQZ6RnbsYzj0Slcf36GyjH9hy7_D9O6qWvBIqrj5l2KO4U_5HScuF5vSGcJ0MLEM-ROrkPkXu2J8Yi2UQR0Td7nUQZlV1ZpGwiC6x_ANKT7yTUU9BDvAimywIUhw4o3GPB_eQmoVF2OUGyX9nsI5jrDZcDptsYmhC8zIE5yxYZsoeROB63ylZzJvT1tY1N4FJyGGVibJqvmVHiPOu2kB_kqlWWCmzu85xYcAY_4B6Sxi0-XG99eBY6cg6_EOpZ9AyzGxPSzS9nL5OWSgdgceBrXaRvdUOuMCElIxeYAfQ631iTef9-hGpP8tbuwppQHAFxRdRvzjmHZm_Q5sBfnMJyov8EaEZw1iCw-NYep3VvJqtWq70GvgohhBOn5osB52Wv6c3rujzoDf-Uku88BXUumVjx3Ii7_52rb5dL0JLvzBE_CRxsovZAvsjcq7l6c1oDLI2iocCWnhM3-hhXOz3vTqAW9WsUSr_tGfZcMzDtyvWN8V0HsWQbJVJDQRww8BzeLwnvPGBV1lM1ah7mwsI73qNWRyz4FwwOtQUqYuVw8QQy40TDZi67UEBw5L7brxwWfDY39Al2d4XBsne5hcXaI6GV7pVvbdWvksUv2KPPuvfZNhngtCHZQaK37Molmheta8Ts-K5HcTljryU6q1qRMx8k_xuukBHS_HYkMblHxy5qWrYVD7aZkHgo-_z_RxTcVJGfJAqCzzEXfKs-wLNHXJZHBb0GnYKOjgaV6k_gxlZtftHXol9nm4k4HNoSxRDF9xQrNRTs5BdQdpJzMT2z4Udsj-Ib-CY7Ov1rlndIJUjz-Y8w-UT_yR4wjdxKiJHgnig9gUXSkmlYoav3o0-nn92nlJhZKmi8lDmyZlgK-2O78-E_mFuXZ3TGMrCDRf_ZB0L7tghy4tsNFeDEZBfCGp1bMvYYUli2e5i1sRrXnpepk8RPSruY4H5UyRWGqd58psCgzUrc_ymHjzy6nVSbRYBaodmg6asjX-5VeiULgGeJUwSFdXCrswylyiMEml4J8RcdT7yb-3krKIaUT11i1vgpKwoDRzKvpSZEhodYQ0Yd6LwYMJB69FOj6h6BzWndN_Mud4ewbPwCWgONslDo6lY7-7OmYqsopf05qhvxh-MXQGez1JHunNeyAl3L7vpfuz-NJfF-2dEVXOK753aDYnAtvj33vYnyh2ivHO_QhahIwUybvaeDl0KL5Ijx5VThb4oMiQlAmzIOxpCShkeDWkMydZSr0Hu_eK9evJ_Jwx8jQSgCSx7zXKm7RGXRI419S8FK78bHipAzBDKVunMANDgzYmYHZ-OhgQPBTQmVULotydheACzQCi7Z5guDZCc-oLc7A2KrkIdSk0w7o9qRULu_pbASt3vn4oG4bqtPIX0FrH9_zsLLAc2voWBZKmAjKpax1WX9TF-f_WS0qo0t1u6iwX2eBt5sp5lg5PE5XCK6zWWkGWOvVkY9U2tiUuNF9FRwZXfClQmu5vzkL8YRZq-ZEtRy7LKwokAXGkHHlL4nLmXDxq1SUWqLX0p09gzpmJseL-zej1dfZvhMHXZ3jj3wXkNtua59x2iJF9YuR0uQOGiXh9rY-M4G23BpEv0gmvxH_Wd_D9rxeGfBOMPXaDPTWWdNh3QlW1QvXCbY39LZQ5EaJq-pSCqNP8Wvko0muhzDWTHrAZEWfa86LVyvx3nbUYsugjNsNFaWZz4D-Zn4wYAqLLlSwA4qjGvt7IWt71B2UD9vwBrSlvFoaKOTxZI4pV4dH7jDQ5Bg6HDn-hblfKq3dKHjQO5384CEPkvc9yvd3vkW-RfYumPgGv9yMr15uNsty7r4SCL9we2mFb7Z5JpeUNOL6avPutguFHECoJIIlFfI__UVoENl0pS1z7l5UsOwogw9StN7IM4uWpa1ltSIEQGeqLJjkeOfwsXnv622PsPC77GElkzeTC6lnG5Sjw1su_dZNbgdJnzirKpYkoPPygdRw8wFrMzAeIiFmtsvRO9KaNCykYhNY9popWWHYYxQ0-_GU51I_kzh2puIbEFLgxkFN-BiaSezzpXVD3PH0T-oyRXDGQMOSUGEYmZjp57N2f6AYoZuEX8FHfY5KUrRtA7eAooNHj2_qM_NW9uysTIOBrNeeqgnN6d-USU_-sY2Ph6dF1WxHTlA-oaUPspHAs83QTPFOPtDYjaxaAlZt5BAFhX32QNb-MYKJye304G-bSLT10M-CdTGtWseIpnmwL3ofQY77AP9c7RAokIw81m0IaojLnLYSTRmroegyI-OIOb9SRC7qoDt4SQQ1A_YR5nJSq3ryBaELOZ84Z_-XXC84o7sg9S_ToPr7Pa_dcMuC-4EHIir-zAksnAXvW7-rj9-J5OpYfGkD09a7wT1uaD8J6_NIiWG9-OSpHqod4WayJDOvEAZIioiHqGq5jo4hx8wWyJOEYCZepPhdqbuHfBhoz69mUMF0toQU2Lgj0XVBhGdW2u_2mkmqozIg_lAuI_N0Kbg5-5u1qy3xa8laCCryyhrGPL685M4VJcGcqcKLGdy98I4vaRYZy3oLifWOhs5geMrYtTjhwr2FuATO-RXUfcOrWmxJAKqeNbPfQ_8sUM2B3lfZjtN-PO6P9mzg4ZXGqy8gf9ny1YM7T1WUsZ_rqIPhe-zY2WdGvAFam5GC_2IRnlQdTMP0pRMPAqsHfdpkHGuBQRAlYcwl1b4GW3-2H4nDx2VDg69JOGQcAI6Xa7WbN&cid=CAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.portalt5.com.br&ds=l&xdt=1&iif=1&cor=8588587203090337000&adk=1405019969&idt=116&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:42:53 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 7F01 11 KB
4 KB 58ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f7c4bea0fb1de1082c21df9e5fba59191950382caa2391491552aa89ace311f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4116
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E0FD 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 244202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:42:53 GMT
expires: Tue, 27 Feb 2024 13:42:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
www.portalt5.com.br/sbbi/ Frame 75C2 532 B
472 B 344ms
343ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.portalt5.com.br
Referer: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:55 GMT
server: fbs
x-accel-expires: 0
x-hw: 1677749575.cds317.fr8.hn,1677749575.cds256.fr8.sc,1677749575.cdn2-wafbe04-fra1.stackpath.systems.-.i,1677749575.cds256.fr8.p

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame E0FD 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 06:49:42 GMT

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 7F01
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

92ms
78ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 186cc5873ad18c421d5163befa584049cce086ef076faff8c573e56848a6432f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:32:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 27866400047317204444550012251001
Connection: close
Content-Length: 1348
Expires: Thu, 02 Mar 2023 09:32:55 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:32:55 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Mar 2023 09:32:55 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0FD 0
20 B 58ms
57ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgWdrR20AZKqrCLGVjuwP1LqTmA0AAAAAOAHgBAI&bg=!PzylPGjNAAbK-VRH6vk7ADkAdvg8WnBEmXT2mSJlfCn0BCpXGoCU3WxypSnURg0k2gFFiDpccCAhElIXZDrT8Er5f-Cmn6hbh3oCAAAAQFIAAAADaAEHmQLuIwgwc7ETuztHfeYqmGaPS93h7qvngojAJ4UYAcicXMx34eTDlfK2SLNe5u7oolvrrfR03oKhYaexy8H2pdpwXk2qpyCD-V2XuTwYSRewOO-9UjmoWBnUqXMAoGxPb6N0pGul6DoEIu5F1UQ1fBksoSdPQl3wBKgzif5mK-IER2GnuhxRiBefWYvTfyEs1I3dyG9D3qRBqAtd9l32W8hYwmakohxqvNAsXNEmPUtJy5_aj9ak6-aLbWsH1WAAlHx5eF5U3_by6Pd7-1DhLYHa8dbOkthVlKnmB-P2PdVqTNSObhzVknY6rc3UA36HdpZ6tiZHASeZeThw8kuoVOvg_ioXa46WmhuDy2XKLVfow7oT0LcLE0aYFgUTJ7vrqpUlqg0_2PZEFxI4P0xVIpr5e0xle0HNDXSHvOnHCRNtTeO_JBXgUs7X2ew69xmX2iurBGlwebF_YO7jYXGPMfx2VCO-lozSnWXp-HZicQyN4dfQZRH0lps_MyxCKl98yZOZXTbAqsOpxQwVShlus38zIpWdALSdDt8Yz37v_nNDmExXKbhBTaImaQjgNDfxgrDufaQDcR8mLKjlI83czzi2yGJZwf8IozwR5obvN5D4NFWlGQThlmM3Y9ggK2_x8sTiH6vmKja105YAVxuA_3t3OrLdNfDzWkFwM3SRCbyKPOxMHEGd515l859xfTugIAwU7WrBo-r6zqHjbs_kPg_jr3vCZ6hPy5aHZ3DcMovgENYgIf9hWhdxmJP_3kFjWnewFncgmld1DxzkBmG7ZaP34ZoiyawPg20x_YCABwa7-ZfiEytz6eHTGUhBvWUEssQwu5V8sQs7aYQ8HIsldJ07neV2lKqBi8UQKaWucNKW3dxcvzpkOAPzMOHvatJl-KnCpg2RCo_fl9jBwx70LQmfyMlInAUnhZCmlmywPKMrSE6mnG1_6ZFQ_-is3kumWlJW6s5MHHXsA9L4cHZqzk74vi4o8LOT6TP99VEHSH5X

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5CAC 930 B
931 B 92ms
9ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Mar 2023 09:32:55 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Mar 2023 09:32:55 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 6042
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27866400047317204444550012251001&actionid=981741&produktid=&dt_url=

0
629 B

66ms
17ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27866400047317204444550012251001&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Mar 2023 10:32:55 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Thu, 02 Mar 2023 09:32:55 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27866400047317204444550012251001&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 515F0526:95B2_91EFC182:01BB_64006D47_77596BB:2FD2B

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7F01 2 KB
2 KB 118ms
55ms Script
text/html 18.170.235.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=27866400047317204444550012251001&nw=1
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.235.198 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-235-198.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 683dddc03a7de235f2f27e4dd81e682c6d24de549c982916a0d997ce801b022d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
last-modified: Thu, 02 Mar 2023 09:32:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 02 Mar 2023 09:33:55 GMT

GET
H2

200

activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045 Show response
5994599.fls.doubleclick.net/ Frame 54CA
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045?

392 B
327 B

60ms
59ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045?

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

d47669a3c2ef851c13f1e81e2dbcf1b52f017b0b8ba910ac87d9939299f956c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:55 GMT
expires: Thu, 02 Mar 2023 09:32:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame E919 7 KB
2 KB 23ms
8ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=71d0ea38d5&subid=&uid=fa69c5fe782234d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIosNRm0AZJ-BIJuU7AOqupeIAablvaBphZWcp8kP8C4QASCs7-xVYJX68IGMB8gBCakCaGt1jQHdsT6oAwGqBJYCT9CjS-0c1BrLVBF-SzeyKpgG4twWMc7kmhZlM2uzyO4LzVL4I5dj1z2l00om7g-xnZh5zQReJUNPqw1gq8k3cbPgMUMZHyLDu56DDlA4UW7QPOFmgCik4oe6TOu72wqF-ZGJ-Jxw6M7lpHkAqJahvbDCcC_NI_e61dWGQNVkGkj5zTx5lBRtfHgVTeMoYOtBtR389IksrKIAN0_Z4ds9e1S42t54uMeZPkKzdTu0XWzbGGCOxwCu3njvLex5rcyjm42a6zDUNZ4NjAGD_kdgBfFtQAqZw9Y6tSmlvjwWXmm3_-mfi7gwRhNesZTbiu1oJT83YMu8-_VfQ9d2WrJl-w4UuOtika40JV0mnWpshOagvWkoVn7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymAWrQ9Xm2OR4pIitZWgyO9GRvUhqe8MLJErcE2ZjGykgHCMAbPmj1FvOjuO8iMQN22giRQAshGAE%26sig%3DAOD64_3axM1thz32jUVYqlrpxwLYmGtctw%26client%3Dca-pub-4441741714620967%26dbm_c%3DAKAmf-BWMuet8fzTPYUcEh86X2q6F8LUzXM-qkqG3sPppL7Pu6DMjWiKkgYpzWmD7be6mBa6g4Ok0koPhG8AJNwkYLQu0yzqUAHpLkTJCZQYQOFqgM4Uqmi_p10OCNlhpsmlz3x244mPKv9uyydeMHKXypLRnc-gmWqUz2iBPb1rzwGlhbhUJyc%26cry%3D1%26dbm_d%3DAKAmf-BP_iAOt-vo7ftii_OK-GvI8or7zrEER3ynRInWHeahd2RCtFHLWgfGCVs0PAVmUbSpP8uJVHreaHqFxHtC0ISYJqceR6CbEkUplXhxNfw3f9yOCZdAtIOW7xRrvpMcfVCjgskvgnhhVe3vv2C5_qE47S_NL7OroqTKzFlaRZKpbqC7JMGB_84me3Rfdo4GuaeaydQmOOZa5JLePXW4Hw0VUtfumkBj0JeE0A2THKGDuiiZ5RAbqIwGfaAHnijdfFRYFrjdtjAkqBMHca7bFUCSwtatsyTjWqGbRlOyQPCnqNcBLOF58giqVzKMIW6Ie1OljES5_jaZ5MxXSYZOyT8dB3UjpWyxcYcbhjbejto2uUiwnhgS0XluXTNF_MAKSJGuEAwgiWjXcW5NbP29d3MPqmlqKGPdbN-Vfk4RtwvUh4HFAU_HQcU2oyAw3M-cZec2gmKExUBhl8zN9CsgC2FOQio3cnzGn2oMTpsQ4rDQ5-5Ryd5YhLmG007D6u_VNm3B_YEogbDYJmAXPIroMksIGecYTYmsyq6gQWJjtjnpzlZ79J0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.portalt5.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.portalt5.com.br%2Chttps%3A%2F%2Fwww.portalt5.com.br&random=7019528719620&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 3d3a86162b96f325429f6a1e5b9a559c6f8c57e83007b495d4fbd89f67ea1f24

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2071
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Mar 2023 09:32:55 GMT
Expires: Thu, 02 Mar 2023 09:32:55 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7F01
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27866400047317204444550012251001
https://ad-server.eu/wm/pb/native.png

68 B
312 B

229ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:35:35 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F0526:95D6_91EFC182:01BB_64006D47_776D72E:C02C
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 7F01
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(27866400047317204444550012251001)273820513
https://img.tradedoubler.com/images/inv.gif

43 B
692 B

77ms
8ms

Image
image/gif

13.224.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Protocol

HTTP/1.1

Server

13.224.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-110.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Sun, 26 Feb 2023 23:03:32 GMT
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
Age: 296963
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: xILTK3diANeniMacHC8KJnkC__EdcGfziMG0X8JwdmPYnNmKfpUclw==

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:54 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C9EA 1 KB
644 B 21ms
21ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7F01 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0fe9a6a3f513a538de20bc65d28e6317d265310db53b73bbd6757c1c29a8fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame E919 1 KB
515 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:51:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E919 9 KB
9 KB 29ms
9ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 69660769ffaae5257a8e6bad7fc8c8f977de189310e32230edb32f53937562bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9288
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E919 9 KB
9 KB 26ms
8ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 42eb473241cf5a70201414b9c45151691da5ea818e430266e49f79929b7619de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9364
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E919 12 KB
12 KB 27ms
8ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/627x627_Matthias.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 663969c81e883532f28b31ad0844deb86ace5d92f3a69967111b1c602068f484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11962
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C9EA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1&google_push=Aa02lx-Qu1QWO9RIO6fhANPvRxgaYp-RJ0n1zneKFaY1pvGVp3-vHQ5ZjfDXGuM4ikeI8uD0pn74EINDhsTNr7veMOB_VIE-IzXh5cxc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg1NjkzMDYwNjIzNjg3Mjg2NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1

43 B
398 B

39ms
16ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIZTaJVpyssh5C19cC794m4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C9EA 35 B
465 B 49ms
12ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM0Q9p9Jhxjux54rTstOZ70&google_cver=1&google_push=Aa02lx-LmnHrxDSHktmZgFdtfmCc_7ljBgokR3Ma--KbOIsNR8oBH__bIcKQIhtRjQUmOunGSJJSUYSDLdQM2AFM5hv7NodXwyu0OixL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOXHpsBlXl6-IJDFGPNX4eE&google_cver=1&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7A1VBxMwBMvAraJM5z
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=956DF9C354DF4C9684998AECFE457152&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7...

170 B
188 B

44ms
43ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=956DF9C354DF4C9684998AECFE457152&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7A1VBxMwBMvAraJM5z

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:32:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=956DF9C354DF4C9684998AECFE457152&google_push=Aa02lx8AAPezi2XleCv3sC5nnEls-qi_1ebXOGyf9cRiNGubdVm6rqh6eriY9Hm4zpHa45w-izvojLfoch67Pm7A1VBxMwBMvAraJM5z
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Mar 2023 09:32:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlis19cwyDUUzKlm2_Za_k&google_cver=1&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xn...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xnc2FTq0GO3IUbk9Qq

170 B
188 B

43ms
43ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xnc2FTq0GO3IUbk9Qq

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:32:55 GMT
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_r-UHD105UHGF-4fAYhdpV8M_SUg_MBzPbF5F-SBDMKnD9KWC8Aub35FmezKhzmHuXW5eWvOGaDkSHX-Xnc2FTq0GO3IUbk9Qq
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: YfNhhZ7_NnK5UoT0I1b462AVic07RHA3VyridNWTrDbLzUAaIOm4fA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ6cjGBDkzqOM2V8SXFdGUc&google_cver=1&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6qARAMTvAZ8DqAySAnYT2

170 B
188 B

44ms
44ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6qARAMTvAZ8DqAySAnYT2

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8UI-0AZuuYnT9yBT8vkSK31yTfUDP6lMTKltWYDG7llXbbY1y1xABsMEPwyea-NJbE9iqaPsfOwrI6qARAMTvAZ8DqAySAnYT2
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC9NWzFUIJ1ed3KSkyQ...

170 B
188 B

43ms
43ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC9NWzFUIJ1ed3KSkyQ5LTwzf8zIM-fucJrFvOJia7M70J3P-E13iqrrXKqczGhp31efLIQmkliiM1Dn7DvX8G3CTFw

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6d388399-3457-46d6-85be-c87da36b7bc8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMTA2OTczOTk0MTQyMjUyNQ%3D%3D&google_gid=CAESEKixtxtzRCs_ruuiw7qiONI&google_cver=1&google_push=Aa02lx8ojLHMGgRvC9NWzFUIJ1ed3KSkyQ5LTwzf8zIM-fucJrFvOJia7M70J3P-E13iqrrXKqczGhp31efLIQmkliiM1Dn7DvX8G3CTFw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSCYy35J...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffb36375-e7be-4937-bc1c-386814b41908&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

43ms
42ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffb36375-e7be-4937-bc1c-386814b41908&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffb36375-e7be-4937-bc1c-386814b41908&%%GOOGLE_PUSH_PAIR%%
date: Thu, 02 Mar 2023 09:32:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C9EA 0
12 B 42ms
41ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iw5rlTdSNHzo-hsHBo5l3RKb0DPvhz_GsgJovq7y4xRTvPLBcRNsqu5tXotGn2U9I467lIdxQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame E919 0
150 B 21ms
7ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=27866400047317204444550012251001&a=69e60f6a&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=27866400047317204444550012251001&a=cb80fafc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 09:32:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5CAC 104 KB
40 KB 45ms
45ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c356b5d55f26b5e3b0b80a99cbafba4d1ace1853edfad461aba3fcf555156a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41164
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7F01 85 KB
31 KB 92ms
10ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=27866400047317204444550012251001&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:08:28 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 26667
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: tpmTcyk8gRtDB689lncEiayL_P6MPzcksV6DTdHCicaI1Pmwoexcwg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 7F01 3 KB
3 KB 43ms
10ms Image
image/png 13.225.78.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1677749875&Signature=V~dIW6GGZXw6q857cxe4KOETPBwbVt6-FY6iYZgtErc-ZUGo8ySRjKU69J-0wcWDKNwbc5rdpl1VRwnP7VWXw6l2qVucf4o~Vye3WYig5dlQSBnPc49eHoWNlt~0rC-0taZPkSKrOzxxpGFaXSYw-RuUkHLFVhwt1bKbkUBJkNsqCx~5vGhd~7hqukQmDsnVGHCMQJ2H5ziXrYslXe0KqMQBOttXkqcHjzm6BO-~SYRkhOzFecg5bQe3KTwy3J~iK40Fl6To-ubwsvWP584IHJ8gupJfPUmGyPn1HVeRiumKX-eaXicKCKKknj-Oc971MPPipugj2mMznbb3cKJCtQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4441741714620967&output=html&h=90&slotname=1531896807&adk=3458002617&adf=776186317&pi=t.ma~as.1531896807&w=728&lmt=1677749574&format=728x90&url=https%3A%2F%2Fwww.portalt5.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677749573136&bpp=3&bdt=376&idt=1337&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&cookie=ID%3D7313467fe29bcb82%3AT%3D1677749572%3AS%3DALNI_Mb5TLAXcTP8ROF-vrqN_kfNweOFvg&gpic=UID%3D00000bbd91804a1b%3AT%3D1677749572%3ART%3D1677749572%3AS%3DALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg&correlator=8620394321596&frm=23&ife=4&pv=2&ga_vid=112243227.1677749572&ga_sid=1677749574&ga_hid=975064407&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=3205&biw=1600&bih=1200&isw=728&ish=90&ifk=1402676447&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531705%2C44774606&oid=2&pvsid=502519061664392&tmod=1554318505&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8qdx8q4rvpk&btvi=1&fsb=1&dtd=1352
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 02 Mar 2023 03:47:23 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 42876
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: Oa_mX2taB0kDT4lH8iV2gB3NQYovtVb-_BfXS7ppiBAL10frWyUQpA==

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 7141 0
52 B 10ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.portalt5.com.br
Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.portalt5.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:55 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
www.portalt5.com.br/sbbi/ Frame 75C2 7 KB
3 KB 27ms
26ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: da46c03d76f2e990ea24c9cc7fca407cf1acee7228863fdfb9b1b3fbcdfc592d

Request headers

Referer: https://www.portalt5.com.br/sbbi/?sbbpg=sbbShell&gprid=sf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:32:55 GMT
server: fbs
x-accel-expires: 0
x-hw: 1677749575.cds317.fr8.hn,1677749575.cds156.fr8.sc,1677749575.cdn2-redis01-fra1.stackpath.systems.-.i,1677749575.cds156.fr8.p

GET
H3 200 dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045
adservice.google.com/ddm/fls/z/ Frame 54CA 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLig5Jv4vP0CFc6oGAodoTQFlA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7294980907262.6045?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82D0 0
0 59ms
59ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKrVp7uCxN9HUY6Iit-8_TQHMui5Y-M9nU3i205KY8twiOqDdHr62nnHzbUJmD31wLxajsYLs5Z8h23Mon9UIo91Azsf3JgT6Yvz-Or9B4gWnfK5cSuW2JNJ-WyPQOWY1boDK5Y4c1-z_80O5lGyiZk01l8h3FooZML9x9tDgokI9y7w4OetMYviGDJng4LwkJ8vioDkhcsvs7nrfom9O5WMCnzhCLhZ8pDSfA8AnCM-SP-P_z7FlslbnRDUcr3cCucf2tOrpVpOwkjt0oKyQGg5kJz8z6cegemKEFus_sPpNxajNwgS7rRa4Kz8Vz-zkig7c7vMDCW1pbdygyvAsYIdU3YtYdbR8rzxQvUhFAlWGQ5t9ZYuUz&sai=AMfl-YTN7WspwV5dd7qpnBGKy9dotVVOL3NB5k8FN-64uEoywaFGnlIhh4Gr429neXfbR2neVWflD-u29073toxXJDCw2K8BhqjC3CDsqtotJpkGCPp7hTxKNWnW1E3n6VLt_AOxdaSuUelSYOrmPac&sig=Cg0ArKJSzELJ0eCFKPVOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 82D0 15 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230227&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48c1443532f1c24c2e835a69b7d43232be7cdd731a340f414a4705ae1e171459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11307
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 82D0 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C317 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 07:53:51 GMT
expires: Fri, 01 Mar 2024 07:53:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 383B 783 B
534 B 43ms
43ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef12318ff9a45adaf8c284d5aa8d2919d79fa3f9270a4b336fa519540962727a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hDPwaak9bcihM16ZvKl-TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hDPwaak9bcihM16ZvKl-TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:55 GMT
expires: Thu, 02 Mar 2023 09:32:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 383B 0
0 55ms
54ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230227&jk=502519061664392&rc=
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame C317 36 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 06:49:42 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7F01 16 B
232 B 68ms
68ms Fetch
application/json 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Mar 2023 09:32:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 73ms
22ms Preflight 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 02 Mar 2023 09:32:56 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C317 0
11 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vYHp5A
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F01 0
21 B 53ms
53ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4689393877437&version=m202301230201&ct=77&x=1&cor=8588587203090337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:32:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 82D0 0
0 55ms
55ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230227&jk=502519061664392&bg=!iIuli9_NAAbK-VRH6vk7ADkAdvg8WlhTJnSg0wcBgglnp1ubwLUTiucXhud25GSpuqZ13bYTTgi5fwe6rssbC5IpjT3uwwyyJaECAAAAclIAAAAFaAEHCgCujslND0sQz2CXEGACxUpqfZJt3LSkYwpK2wChtxm8MH-X9VgowtzMld0dxK3ZmQK8v6wEyid4PV56gj_0eqKji5h0CJLlkcjgcX-xXe0HwbofjraL4D0wpvUCQDhdui9YP62eMeCdjYUgAcvOf37R-AEWcLnKpfEC13fnUZm4C0YQWstSQcvw4HWLjFymQp5kvPm7a_L3y1GN0AQ21I9UKrCT9ttntflMYqnFDwSZmQLQrqyvpVKJAdNnkAdkZ80tRjSADg55ljPhjkNx7blO1ZGfWEN3azJXK1Ok1wwSAE92EfOQfutmrTrbCyXaSJg9zNbjLz1VgXJRuZHNdGJySUXUvDMTwo6eCzQ4164eZsiqSid0h6nGdcsMtW2GE0wK37X2CzMNtUXcEWF53nf8Iyc7QqxRSXJKKso5TZDVuNGw6YIfS0vZb3eMIz5GEWC0_eOS3Pl-FSq4ZiPuYF-FPjjK3X90AiSrJUcyXb1ZWWEBuWWP3XDFvBofGLpgGCYHkWFpCGp4bMxJjIH__Ae5EE65IHwqcPKpNSm2HZWTVLXBhektDHa43xWlrZQV7RR0MSDJTuJQpcpDsf8PDfH5MfgO9oTTeJyGqNuEFV0t6LF_LX5vw8GQRTwuI3ZTwqGUs-aabIohACAaIecoVko_yzC_X4j1yUQp1zbvmzDOEjzle0tNqsi0nmr3NUw0e6jIbZXYqb33RcZD5NB84mKlHsqKNyLcEmEkHeKNNsXkMiUll1VMDF0eU3tubSK9mg_GPdbSx88Ymm6GfCNZK-5KSJ3-XFCUUsEyWCPYQVhO6aBQRRWn9UGtZxjJ82YqqHIgxqdBWwEJDgPtmybm00-9GeQilUaw-fd8fG_50tYsbaKiiJF-7H0xZl17JLXaRTaRM553qkiG1_rVTSLRdXMnq3H8rfNHRiDuUpQ2SD0rSsysXPqFqwiKOEdvUOKDgLER6B6PLQRhad-rerW_LBjHYBrojzteQCpw8cYW78WYU7H3fF-iUiCmSKwTdDaHO5tWkw-_HTvDniNykiY7qzUbO4ufz-SbIgXR3UeFAyn76tX8vOJM_QQe8nOE2TjBNXPMPcihlC8iX3FLtaQljTyE_5FmSsMbtH6xOygi6BWD0n9gkdbiHcYPLw1V9knlC0XdtwoievuUyvmP7zmGRjaoBf50Sb-ECFtq8fQ39WXMfNLw
Requested by: Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 66ms
66ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022701&st=env

Requested by

Host: www.portalt5.com.br
URL: https://www.portalt5.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f270522ff9781bc0a141798ea6f3f3efa61877c255519b2e0a04d78df782668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11355
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:32:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80F7 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 07:53:51 GMT
expires: Fri, 01 Mar 2024 07:53:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D8D 783 B
534 B 43ms
42ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1c5e7135ef4fe954640b0a910305dba9e6ffda63ef4b57342002a45e8509c95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6GxoIvPMo2rsinI716-lLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.portalt5.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-6GxoIvPMo2rsinI716-lLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:32:57 GMT
expires: Thu, 02 Mar 2023 09:32:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 80F7 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 06:49:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D8D 0
0 54ms
54ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022701&jk=1753584586774706&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80F7 0
11 B 10ms
9ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7N3BWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:32:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022701&jk=1753584586774706&bg=!lpWllcHNAAbK-VRH6vk7ADkAdvg8Wl5hPLLBRksd-ZyUj7bssxms15z3ffeazniWqXwN4k797tqmnD_Xbkhajj4vpETjmn0kFycCAAAASVIAAAAFaAEHCgAzaEKxMQlyvh7cPBfIT5lgLcfqMqydJj6APZPuTLKQZ6k3wHOXsC44y4ZnaAvK30abI87rmQK1zmJr2gCfWG4eVbOr9olqR6EyjGWxInkKF2ZrIwl6A1b1gthOmiC3Fx0akjde6SiI3KOsaaE9lsgh9fcEjpkxPSUzMI2-qZ-TMy0TgvLbOW5652_oHyWT8c7co13TlvYlkEDgJFJ1X8QsknVEocRYYGxsdQLTC2ODbovTaAUOpaxjASPXvGMpHJ1KNPVH0WK8UMix8kgxwJZe9LiBmGTyxsAxE4hWcDRsikQPNueVQ16Lk2sON66JhjRUwDr7849trZYwqLm0aVSfmpJIVrw6MeaCFJdUp3cptXOyCDwA42LPxliTVKD-OMyyQkWwCFcxB1jrHcYn2yxz6jh8AqV0Kop0eJudXVUXPJsMsuNtmV6nMy2YcfqD5WBpeHQC5tNn-q-L2O4U5U_fJ5DyzvWxnfWV5SpTJHSe4hQursDI96Q-J-zw29qOIJh4FMhpH9d7WyJm4iitBO6RY5CgNA2aXYOhLihspa-QMY8E3ISVbWZMgst9E0T0j1yHyxIkfnt_s2a5k8xVjm18zYewwMGprdXBGodR8bkumOez2Vz-bZmjfAarZokRw9DxtZdgM47EeS7b-WiadXEQ0LZV4mdStsAGQVsijju6InvZL2M5xFtIyAs2Qq51zUn3DcMf-3RlsT4aZFwmiiJHD275rXDYkAk6ml2HAeV1WZmd-k1Q4LDssj4jHQnQ2-drYF2vs9yt-qQR6i7iNFzZ6A1IrVsGMe23IW09QZq3rd7bhE6jwXc92lIphgoaOf7x8AxbZpMfMENuoXKdh-dOXPlUok7WG86hlA_9VUFoO2VWv93JRkXC0u5fKiq_qGJwKMeR9cBNslhZ5Xj78tdrW5YCm5gjnemI3Ap4tfvgZKpLp1ghXTqKGSBjJG2-IDHlVlv61W8f3NZFs5ikVLRR4l478m6rKzK1OXap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.portalt5.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.portalt5.com.br
URL: https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css/

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.portalt5.com.br/	1969-12-31 23:59:59	Name: SPSI Value: b9f02b2f6f88e469eb24c90fbaf97243
www.portalt5.com.br/	1969-12-31 23:59:59	Name: SPSE Value: lj6jT2XG2Qmy2EN73pvuSAWhK53cUGtYFmv7RwJhJRY17cpTnxIyjoikfDcexF/ZqnBm7O0+iwambfJlLn3eIg==
www.portalt5.com.br/	1969-12-31 23:59:59	Name: adOtr Value: 209bbff628f
.denakop.com/	1970-01-20 19:38:29	Name: uxid Value: 48IQKZabTd6vgdsoY1a04w%2F0
.portalt5.com.br/	1970-01-20 19:24:05	Name: __gpi Value: UID=00000bbd91804a1b:T=1677749572:RT=1677749572:S=ALNI_Mbm57EkD8khH7Sgqa1gFh066odcUg
.doubleclick.net/	1970-01-20 19:24:05	Name: IDE Value: AHWqTUmyNaqpgIdDRojsScsnOEv6in6whPWj2wGOaWLKy-xoCl862A3Kn7mu3JQYOVQ
.portalt5.com.br/	1970-01-20 10:03:55	Name: _gid Value: GA1.3.1462049325.1677749573
.portalt5.com.br/	1970-01-20 10:02:29	Name: _gat_UA-53443223-1 Value: 1
.portalt5.com.br/	1970-01-20 10:02:29	Name: _gat_gtag_UA_66850008_1 Value: 1
.portalt5.com.br/	1970-01-20 19:38:29	Name: _ga_LPD9BLVPLN Value: GS1.1.1677749573.1.0.1677749573.0.0.0
.portalt5.com.br/	1970-01-20 19:38:29	Name: _ga Value: GA1.1.112243227.1677749572
.portalt5.com.br/	1970-01-20 19:24:05	Name: __gads Value: ID=7313467fe29bcb82-221f8b8f3ddd0044:T=1677749572:RT=1677749574:S=ALNI_MZm-td7jtobiX-gOWXqEkvjdsFteQ
.portalt5.com.br/	1970-01-20 12:12:05	Name: _fbp Value: fb.2.1677749575029.1294204237
.adnxs.com/	1970-01-20 12:12:05	Name: uuid2 Value: 4211069739941422525
.casalemedia.com/	1970-01-20 18:48:05	Name: CMID Value: ZABtR6x-N0jVXl.TjYLPFAAA
.casalemedia.com/	1970-01-20 12:12:05	Name: CMPS Value: 3223
.casalemedia.com/	1970-01-20 12:12:05	Name: CMPRO Value: 3223
.adnxs.com/	1970-01-20 12:12:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb>`N=ke!1yIE`fS1ueD1W-044)d+]UenG:4_6B6bY5?($G)EUF_b-#mYW.eVC`nwZ.JP(hw9P-HC_#tt)o)m<9*
.redintelligence.net/	1970-01-20 12:12:05	Name: 8lcfmzhxc8d6_uid Value: 9b818df1f64b5f5b
.tradedoubler.com/	1970-01-20 18:48:05	Name: BT Value: 1z11zzyqzewGD1zdjiJTnwzzGx1y2x1yIx1y3x1yJx1yKx1y5x1y6x1y8x1yAx1yBx1yDx1z9ydjiJTnw
.tradedoubler.com/	1970-01-20 18:48:05	Name: PI Value: 1z11z1zyqz1GWHQLz7ab3y1y21FmOy1FRDyyy7WPTyvUky2KR2QSyyEnHlW8F_hLoafiWQsZDGeILHJf5wqthUZ4%790Xm5C_%78U1lU.RcSFG0eLy
.tradedoubler.com/	1970-01-20 18:48:05	Name: UI Value: 1z11zzyqz2JUOakztbDyOLkW
.quantserve.com/	1970-01-20 12:12:05	Name: d Value: EAUBCQG1KIEA
.quantserve.com/	1970-01-20 19:32:43	Name: mc Value: 64006d47-74993-2de73-b11ed
.simpli.fi/	1970-01-20 18:49:31	Name: suid Value: 956DF9C354DF4C9684998AECFE457152
.office-partner.de/	1970-01-20 19:38:29	Name: source Value: {"webgains_webgains":{"timestamp":1677749575568,"clickCookie":false}}
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hdjz0pgxna2vr50kjdtzpxwh
pb.media01.eu/	1970-01-20 19:38:29	Name: DTU Value: E43CAD5D04D60E6C6069C564A9B4C072
.bidswitch.net/	1970-01-20 18:48:05	Name: tuuid Value: ffb36375-e7be-4937-bc1c-386814b41908
.bidswitch.net/	1970-01-20 18:48:05	Name: c Value: 1677749575
.bidswitch.net/	1970-01-20 18:48:05	Name: tuuid_lu Value: 1677749575
.turn.com/	1970-01-20 14:21:41	Name: uid Value: 2856930606236872865
www.portalt5.com.br/	1970-01-20 10:02:36	Name: spcsrf Value: fab51ba021d2b1f9b93567f07b338f52
www.portalt5.com.br/	1970-01-20 14:21:41	Name: UTGv2 Value: D-h453c3ea139c2e23bc67038cb1518e213b56
www.portalt5.com.br/	1969-12-31 23:59:59	Name: PRLST Value:
www.portalt5.com.br/	1970-01-20 10:02:29	Name: sp_lit Value: jS9HJYUx9mpfhpl3/JhqVw==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.portalt5.com.br/ Message: Refused to apply style from 'https://www.portalt5.com.br/header-partner_header-partner-no-sticky-red_files/css/' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains always
X-Content-Type-Options	nosniff nosniff always
X-Frame-Options	SAMEORIGIN DENY SAMEORIGIN
X-Xss-Protection	1; mode=block 1; "mode=block " always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-server.eu
ad.turn.com
ads.metrike.link
adservice.google.com
adservice.google.de
adv.office-partner.de
af092f2896808a3b1da490cb540368d3.safeframe.googlesyndication.com
analytics.webgains.io
api.webgains.io
b.smrk.io
cdn.jsdelivr.net
cdn.pn.vg
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.t.tailtarget.com
d.tailtarget.com
data.gblcdn.com
dsum-sec.casalemedia.com
files.metropoles.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90001.redintelligence.net
i.ytimg.com
ib.adnxs.com
img.tradedoubler.com
impfr.tradedoubler.com
medialead.de
onetag-sys.com
osp-assets.pn.vg
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
portalt5-cdn1.cworks.cloud
portalt5-cdn2.cworks.cloud
portalt5-cdn3.cworks.cloud
portalt5-static.cworks.cloud
portalt5.com.br
pv.medialead.de
r.turn.com
region1.google-analytics.com
s.ad.smaato.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
v3.denakop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.portalt5.com.br
x.bidswitch.net
www.portalt5.com.br
116.202.46.88
13.224.189.110
13.225.78.101
13.225.78.30
138.201.63.117
142.250.180.230
142.250.201.194
145.239.193.130
151.139.128.10
18.133.166.146
18.170.235.198
18.66.147.98
185.76.9.107
185.80.39.216
185.89.210.153
185.89.211.132
2001:4860:4802:32::36
2600:9000:211e:6200:1b:5138:8a40:93a1
2606:4700:20::681a:16b
2606:4700::6812:160e
2606:4700:e2::ac40:8608
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9c
2a00:1450:400d:803::2016
2a00:1450:400d:806::2002
2a00:1450:400d:806::2008
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::485
2a06:98c1:3120::3
2a0b:4d07:101::1
3.122.123.120
34.102.185.99
35.186.231.97
35.201.123.184
35.204.74.118
40.121.178.25
46.228.164.11
46.4.10.49
51.89.9.251
54.76.176.197
88.198.250.30
94.23.99.218
00a049b7c742b672786c920f5864bdb33adc0aa0ea9b6088ba2cdd50e1735464
0197768abb7d8a1a196ab2103a9dfc458abd81f8328c2d984c1a209772f05691
0363ae7e6f5455379d350bcab72185f8d4e8dffea6c890a74470a480010f3d7f
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0514d4b5295c88b8a6b6df74c5101aaae852ca153bf7d0112a9064ef46171148
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2212f1d11e11c7b3502497c53ce7affbf18df58980bc9995622334c45a4597
0deadd7eddaa2c76e36fdcee1a195304340970afa03152b4db463188996389d6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d1130cfa0fe75ef85ecae6978369a612f66ca0bc3bdd4f4511d50d82a1464f
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
186cc5873ad18c421d5163befa584049cce086ef076faff8c573e56848a6432f
1899cc276278469f85e86ba0ed4c06af74e2b2effbf67985488fb40bae797b23
197a358974f1171745c48139af359ad244e2b8724d7a719dc75916b0f8f44cfe
1ad2fb45618830aaf4b6b380886a4a9b7095540721e4be92e252c0620607226c
1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0
205339afb48851f719f6ea80106550aa941bb605cf3cf99e77367aa01328f154
20674c6b3e2decac6883a3f3fd6e0915b62fa60707f5069f0bcd39f15f356f67
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24f262dc787536f9d585a20f9f4d6855f9c6d154e4109b7b9c7105a2e40a333c
24f2807b887cd00aaa52aa2315b451f370d21c40e11860e8052a62ed9e4b7b1a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3169a00b798d06012071ced2878f9cd5418bded9ddbdce4376ac367c659a8065
36c759d57b39f32ee870e51b4149271b2b9c6a4ae962108f9cbbbd0f7589cbc2
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
395908886b3c854843d8feb091e022ffff489970d9cd7efd4461769ff279e839
3b2b0a4b54b040c7c9217c5cd43e863559cdefb6e2c6a9bba96cbb99d76d07b3
3d3a86162b96f325429f6a1e5b9a559c6f8c57e83007b495d4fbd89f67ea1f24
4000d4364142ec3454e522d59fa9beda7ea559c3bed263a2ffda93d3c011d590
412bc905b5ae3d908be254a0faae6cce2f70556377f5b4d636a91af23780bc15
4199f66fff4f96ba6b09fbc1aa2593d3980a98cf48d1fd68fd12f99cd35d91c5
42eb473241cf5a70201414b9c45151691da5ea818e430266e49f79929b7619de
434257e9dd863bac68ef99b6d196aa0207bebf0d01c48dc4515e287ba5196a75
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c1443532f1c24c2e835a69b7d43232be7cdd731a340f414a4705ae1e171459
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd4d788c8228ac14c9469de698a95eabf9b86b9bf028a3f91a1e729757e6403
4e01186d0af621fdbd7b99111ebda93e51046c92096d7e40ab38dcd59ee92179
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51597c65d273ecc65ae1654cb9fdfe36c6f92b4b5ca6f7479c756200a764d649
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c7d862775a3e2355990661a6065ff6ba5c2a33575fbf26d81bb2462b346f29
58707a3255f4b08c1300e12013e6d3abef7abe63490e3c77762d80d6515967eb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9e9a5bd46e1a40a0b3a6a2ce0045fe1e913fef1d4d08d422d4a780d8e2a7f2
5c21c555767cc7534fbeeb7cffcbdabe1427c714fe961addf92a50c2242bdb7d
5d43a0174d4d519aeb5a5071e72f42777d08d9296e8f1fd3228dc8bea9a7e6eb
5f270522ff9781bc0a141798ea6f3f3efa61877c255519b2e0a04d78df782668
617fcbee381c6e4a0ef60c3c9e549d31b8ed234b561ae8befec09a32570390e5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62545b662826a9d6fcf2d5afc6fa3630d33cb1abcd6fd51963267c9d9717f6a6
663969c81e883532f28b31ad0844deb86ace5d92f3a69967111b1c602068f484
665c3b59969d3d37b1d9c7e76e72e9a4bf2a285026d5ccb1b37bc7a4e37baa70
683dddc03a7de235f2f27e4dd81e682c6d24de549c982916a0d997ce801b022d
69660769ffaae5257a8e6bad7fc8c8f977de189310e32230edb32f53937562bd
6c33f05051f0fb9d350ee7ff81edc270ea95673e6a670b2641c5f50062813171
70b4dd9d94b6df6d9ed341f2431de2eee2934b05c72ee09439d2847bcbfe87a2
70c389dd3f494ca6669f3bc6bea2a41d4776f6e0ecc5cc6d38d06b24fd5aad4f
75071cf9be2ca98872d47bb01889d8485fdc9f8cfe7916a629628e7eaa616875
75c1d18fda2d9e28c982faa9121090d8206a5ecf0cf27e9c8677bdc1acc84ef9
7a3b163defbc983dd88e03720ee833c2b37ba38d2b95b90f4f3b87c8e09d36c6
7b2baeb728921ea55ffcbd67f3ff7e4e14fef464c03d3af230ba5336380fc895
7dccd4f7e3302b03685c2683f2e4534f3d140c8c145f3d0cabd65a541e180c9a
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87492e6ed237c1c8f435add674e7298ecf315e6ef5a4d4223b9d8aeaa9a0f78b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d301a8cb92aad636308cc3f4f005b2c2e2d781982e421489bdebae672c821b2
90143415180c10e12a914dd250ae361018be689389accde9eddde454dc795d67
90a8833372e286bdb7e9df0b8d21924efb71927ad6ce2369a6b50fb8bfd8bc64
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
965ceea0bc65070396cf0de0044f1dc0935c7fc27b174107a653f7e96dfaf602
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9a138763591ee6a8f71261b26449b10a66ad88e0aa197273c1766493158d8033
9a83dbe22335e9b198def2444145a4f1686a9bace8a69652f4e6213c4061b629
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3768af6e45caa2a7e4f2c7efab2c74ed4390a5ebd73e473373a72db590ba89
9bda0fea44f202289d2817057eaac9d084f85a6d72569056294dd5e681bad91f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a06021f37efbf7c4b6f6970fc5516fa5ea19c8688234728c7c4c61a2e9858730
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a46131dd5ba29ea89fda8378f9d93182bcf93a68414bbad20ef719d0f9c72062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a744eb47670bdb8ec23c65f0c0485a1bb64b2af198943e98eec88c871dbd516a
a811c8baa39758b46dcc2da65e9445563166185e97bdbffa692c03206eeebe44
a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f
aa043184e0034c3f80e768a78dd763228032f4ab79622b3fd01f8ece71105fbb
aae3ef1d78104d02218710c0c9a10e109c3ccf5d36ad4a0123181c60e8b78dcd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04d81950f3e0e5d80912cd98ab15b9e79ac7d01402806dabcbffd95ca1da6c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e4b4344c251792e104d42b6da979ffbb1174a0aa29f4911bcb5b8885357d98
b51ddba4a6e1e3db4688f9bc841f52462f4e382452a9022f7fca36f7338aaa37
b5d52a04ab7333ad4829ddf1bd2349b2ee5a6858026c39bec2243d6d706e3976
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
bd9f4db923c84c6c23c91ef35897be7782bdb2b55ca233e8d0ad937cd69268ea
bf36f5ee3b211c138d24511daef077a9e6188f9d7536b88e0fa6caf64dc173d9
c18ca1c3fe936337de7d08a48e36283e6df2122ab193f060e85dd249c69e0093
c26db5f17c94bf0de4c7d2d06421aa02a97e96393d0fb64ef2a9a1134c0ee4fc
c2dbb2a884f80b8ddcd8a20761a78c0b3e0cbe5d878e7d23f3b6a637fa622e38
c356b5d55f26b5e3b0b80a99cbafba4d1ace1853edfad461aba3fcf555156a9b
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
c6b82564455b633f4c1fa04ca8249d4a241ae71e2f0942167664413e273f5cc9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c967e406e8193fe0a18b3908d6ff3fe42f6a2dc03abb76eadd3faa17513e4b84
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb8bae53fc18fa6edf91362723a1b2cf65b126921d5d489da0c69c6f6fb77bc1
cf9032499c82b04c4f99061313f6e27045f1edd03a03bbce7a6bffd390fb0be2
d03adf1de9345f24eb7f2b822d64864da6b4a061648861a40685f3a70d44a92f
d1c5e7135ef4fe954640b0a910305dba9e6ffda63ef4b57342002a45e8509c95
d47669a3c2ef851c13f1e81e2dbcf1b52f017b0b8ba910ac87d9939299f956c8
d881f91d620786db06755849ea5cc0a06163e406c1a98c80fd926d892ea27fa2
da46c03d76f2e990ea24c9cc7fca407cf1acee7228863fdfb9b1b3fbcdfc592d
dbab8cc4e8b5cba3d82ff593ef89e8cf7d50e2f286e635bba0e3b945502a00a5
dc5c3039047537d439e3ed9f08acf5c4dfa5e9a73b9cb9878a402081fa6b0c2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df88ba92742a84458c6a6aaa7f571ab344da4f7050981cecd578e60c160abfac
e17824bbe327dd6fd03e6472745c55f52ee7ffe18a53f2761c83c3bb93a2e31b
e2453942f6bfdde8dbf3da749ec50cf04b7f9caee9e8b59b70b1e333f11141e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
eafb6adc2f3b77df85dbaa3c0417bc80138bb74243ecc9d319e077ff85868d9f
ebfca2871cee0db06c7fd43d32983c0a7562f3d1183ad148b36bf6357f4e14c0
ed7113b17cdbb5abc1ea266293f147d2b41a0e264accbc62b229049f1381b695
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
ef12318ff9a45adaf8c284d5aa8d2919d79fa3f9270a4b336fa519540962727a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2f67efa4464faa86d94e6105c044c3295cd498ca71e4c28ae02266bc8ad334
ef44290c548dfb9829dcc24820136bf86b6e24a4593414d668ddfbe83d920017
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0c28534718d1daa630d3b39a40a00d7164d3c3d938d0606522aa2cbb45c5145
f0fe9a6a3f513a538de20bc65d28e6317d265310db53b73bbd6757c1c29a8fb9
f26405855e17ce9727718396875eeeadec5bf840ec915b55154fdc4c255b2ded
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f7c4bea0fb1de1082c21df9e5fba59191950382caa2391491552aa89ace311f0
f92720e61715901ec68eeaaa92f3148a175054370df656992613b05b51520bb5
fc41234f689da2d224cb6ec76fedbfa439e24edbcdfffde91e7c2084a4bbaabd
ff6616e7860b8c9e71353a71246494cc9f4e8b96cd7c797c432f204c377d1485

www.portalt5.com.br Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

240 Requests

94 %HTTPS

49 %IPv6

41 Domains

62 Subdomains

48 IPs

10 Countries

4434 kBTransfer

9751 kBSize

36 Cookies

37 Outgoing links

Page URL History

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.portalt5.com.br Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

94 %
HTTPS

49 %
IPv6

41
Domains

62
Subdomains

48
IPs

10
Countries

4434 kB
Transfer

9751 kB
Size

36
Cookies

240 HTTP transactions
11 data transactions