urlscan.io logo urlscan.io
SecurityTrails logo

cartascontratugas.pt Open in urlscan Pro
18.159.80.129  Public Scan

Go To Rescan Add Verdict Report
URL: https://cartascontratugas.pt/
Submission: On March 18 via manual from PT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 60 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cartascontratugas.pt.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.
This is the only time cartascontratugas.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
cartascontratugas.pt
9    216.58.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: sof01s11-in-f98.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700:3035::ac43:c822 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-0.cartascontratugas.pt
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2600:9000:20c3:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 cartascontratugas.pt
cartascontratugas.pt
cdn-0.cartascontratugas.pt
287 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
158 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
199 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 635
137 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
17 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
83 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
420 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
430 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
36 KB
1 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 7742
93 KB
0 ackbure.pro Failed
ackbure.pro Failed
60 15
Domain Requested by
12 cartascontratugas.pt cartascontratugas.pt
8 securepubads.g.doubleclick.net cartascontratugas.pt
securepubads.g.doubleclick.net
7 pagead2.googlesyndication.com cartascontratugas.pt
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn-0.cartascontratugas.pt cartascontratugas.pt
cdn-0.cartascontratugas.pt
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 static.xx.fbcdn.net www.facebook.com
2 www.facebook.com connect.facebook.net
cartascontratugas.pt
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net cartascontratugas.pt
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 pixel.quantserve.com cartascontratugas.pt
1 partner.googleadservices.com pagead2.googlesyndication.com
1 b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cartascontratugas.pt
1 www.googletagmanager.com cartascontratugas.pt
1 go.ezodn.com cartascontratugas.pt
0 ackbure.pro Failed cartascontratugas.pt
60 22
Subject Issuer Validity Valid
cartascontratugas.pt
R3		 2022-03-12 -
2022-06-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-25 -
2022-03-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://cartascontratugas.pt/
Frame ID: 9FBBA9710C9075D0B40CB4B341CBA3A9
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 19BA84355B21580D29E1738E92AF45F3
Requests: 1 HTTP requests in this frame

Frame: https://b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4867E3D98228F8D4424B046E41CB5011
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5902083285302779&output=html&adk=1812271804&adf=3025194257&lmt=1647606747&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C3%3A160%2C4%3A160%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fcartascontratugas.pt%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647606747569&bpp=2&bdt=391&idt=135&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4791852054520&frm=20&pv=2&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531397%2C44750773%2C44752536%2C31065371%2C44759850%2C31065658&oid=2&pvsid=1617497061099835&pem=286&tmod=654680202&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152
Frame ID: B7E93E1656E3D6B0C8708230B5BD06FC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=149911925055378&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df182069cba68db8%26domain%3Dcartascontratugas.pt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcartascontratugas.pt%252Ff11d28e8e185fe8%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fcartascontratugas%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=false&size=large
Frame ID: 438381ED2FD09EEB14E5EE2F6119AA79
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5308428885024456&output=html&h=15&slotname=8698756055&adk=238915046&adf=3499390580&pi=t.ma~as.8698756055&w=728&lmt=1647606747&psa=0&channel=6238093103&url=https%3A%2F%2Fcartascontratugas.pt%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647606747571&bpp=1&bdt=393&idt=197&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4791852054520&frm=20&pv=2&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531397%2C44750773%2C44752536%2C31065371%2C44759850%2C31065658&oid=2&pvsid=1617497061099835&pem=286&tmod=654680202&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=s8Dz6sMqVM&p=https%3A//cartascontratugas.pt&dtd=203
Frame ID: DA03435C1DF53DB76DEF42726C9B64DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78A551F50E41BFCFA6CF11CCB8953A49
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1332AA0A58AF3C56A1FFFA441A22978D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cartas Contra Tugas

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

89 %
IPv6

15
Domains

22
Subdomains

19
IPs

3
Countries

1045 kB
Transfer

3501 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cartascontratugas.pt/ 		80 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
2dc08df2011d1ad2ba46e00cb7bc5eedaff71bc932b066d2c5640b5996543431

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 18 Mar 2022 12:32:27 GMT
display
pub_site_sol
etag
W/"5209-Qr8s/8+Utqbf8DasaWMnqQ-gzip"
expires
Thu, 17 Mar 2022 12:32:27 GMT
pagespeed
off
response
200
server
nginx
vary
Accept-Encoding X-HTTP-Method-Override,User-Agent,Accept-Encoding
x-ezoic-cdn
Miss
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
x-powered-by
Express
x-sol
pub_site
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
sffe /
Resource Hash
e41854e6ee29797f26b5ae261cebad41f4e92c4e6bdd6dd46efb101ab9e52029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27851
x-xss-protection
0
server
sffe
etag
"1161 / 204 of 1000 / last-modified: 1647601789"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 12:32:27 GMT
dall.js
go.ezodn.com/hb/ 		314 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onetag,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp&cb=195-2-35
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8293be81465385971886aed840dd29c946f3f900775242b4f502dbff7f38caec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Mar 2022 12:32:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxkGhGPgevnLnQuHFNofUpBdthGOfwXDYtLjHRuDLbdHyzANTm8e3iLwQ2Vlp4A9ql4QdN9kARgCcNKtZnvl5gNhX730w2H2vRxikSWfit009rmtXPVcrfK8JsPKdP4ZvHb7ipaJMGMnyew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eddfdba4856f937-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c80fb7ca2eb065729a1e8ead88f1514f83c23601c1cc5edc514d13ec161dbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54652
x-xss-protection
0
server
cafe
etag
15474962604917723193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Mar 2022 12:32:27 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11976010-2
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66b907135310862a4055f4d2c9f56b2380d306285c913ef677891d126ecf92d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36811
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Mar 2022 12:32:27 GMT
derpy.css
cdn-0.cartascontratugas.pt/styles/ 		146 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.cartascontratugas.pt/styles/derpy.css
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ebdf29b74b184013aedeaf8198f9895d237fcd84d42ff56abbc2fe87b3f63f7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
vary
Accept-Encoding, X-HTTP-Method-Override,User-Agent,Origin,Accept-Encoding
cf-cache-status
EXPIRED
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-powered-by
Express
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
public, max-age=0
response
200
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
cloudflare
etag
W/"246e3-172be8713e7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J82R6t%2Fpg0mhrxS2PWdcnV%2F6V8uMzsbys9pIppBVrbQUdaDJPrZRZR3aGnntl8XU81HU%2BIfpqhQnYtK77JybFWIPjqwwmYp7u40gmpR%2BXUNUGz26inuK%2BVtiTRfb%2FGEji8ndOvSjL68mMgiLFN9jyXbdHtogTd0zqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
6eddfdbad92a3744-MXP
cookieconsent.min.js
cartascontratugas.pt/ezoic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/ezoic/cookieconsent.min.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
nginx
etag
"11a4-5d9e556d39bc0-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
1707
expires
Sat, 18 Mar 2023 12:32:27 GMT
jquery-1.10.2.min.js
cdn-0.cartascontratugas.pt/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.cartascontratugas.pt/js/jquery-1.10.2.min.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-powered-by
Express
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
public, max-age=0
response
200
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
cloudflare
etag
W/"16bb3-172be838ab4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, X-HTTP-Method-Override,User-Agent,Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIDhjSdK3HwC0wGMtoUpeKLJ3DhBQEx1CllbMLpcWtjY3KH3Y9hwA%2FXuLQqVgfc1zcSHaOQlm6osZAnv4PNNsFxHoCW66bmK9tRyv5LCGCDK1fOa1RhaP6k28Fbjnnj7hH4j9HU6jIFqAycnjtnsAfIb4P56soePxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6eddfdbad9313744-MXP
vendors.min.js
cdn-0.cartascontratugas.pt/js/ 		605 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.cartascontratugas.pt/js/vendors.min.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
306c6712cf853ae865d9dc6b40458b1e8c76c7a56cc7c0c75043cecd85a8e24a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-powered-by
Express
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
public, max-age=0
response
200
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
cloudflare
etag
W/"97471-172be8388c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, X-HTTP-Method-Override,User-Agent,Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPit59ddp3kwaJUEN5G4ydDC5KtxvaVpxT%2F%2Bl4mP6gnCq2sIVxAEw4HG8%2B8u41p75fc57uFj8kqLzGpc6wx4pLQsUaGfkJ1o%2B97lZqBorUtQjAacO%2FbLYgTwPkBPIvd%2FVJKYwurdhuJybA22%2BL5rxQfO6%2FQaR5EEkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6eddfdbad9373744-MXP
cae.js
cdn-0.cartascontratugas.pt/js/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.cartascontratugas.pt/js/cae.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fe4192c7ff350f45afc986aa22b79448418e90e7947c23561f297a8eecd6eced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-powered-by
Express
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
public, max-age=0
response
200
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
cloudflare
etag
W/"e237-172be838754-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, X-HTTP-Method-Override,User-Agent,Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4ezRHwawqkHc9UAefeFnYdgaUorx7JaC12RX%2F6gv0o6X9%2FW7W9HObfbimys785ifu2wc8ZTWJATnjJ9zgP7GbsCkShzPuiViqCB3LLf5JinjeneEDiJKiML08Cz7dzAD9KDHP1YOArJgoCyUp10lIxuQZlu5%2FzUPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6eddfdbad9333744-MXP
banger.js
cartascontratugas.pt/porpoiseant/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/porpoiseant/banger.js?cb=195-2&bv=107&v=57&PageSpeed=off
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
130f2f612b8ba840db6a5ac925abd6108c8ffc35c4f678a596116b071be95258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
zd
ackbure.pro/c/DD9.6/bh2j5YliS-W/Qp9/NbDLEBzFOuTVQDzkMHiA0/0WM/TCM/5TNqDIM/ 		0
0
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 03:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 03:19:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		148 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cartascontratugas.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
779b05180e51ca1e53cdd0320be18008d233bc40946e37104e4f639886b93ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109
x-xss-protection
0
expires
Fri, 18 Mar 2022 12:32:27 GMT
cmbv2.js
cartascontratugas.pt/detroitchicago/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8a0614e857853f6b0c87922b477c236bf4e0d7d6aaaff9fdf70d5bf500a2ed5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
glyphicons-halflings-regular.woff
cdn-0.cartascontratugas.pt/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-0.cartascontratugas.pt/fonts/glyphicons-halflings-regular.woff
Requested by
Host: cdn-0.cartascontratugas.pt
URL: https://cdn-0.cartascontratugas.pt/styles/derpy.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Request headers

Referer
https://cdn-0.cartascontratugas.pt/styles/derpy.css
Origin
https://cartascontratugas.pt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
vary
Accept-Encoding, X-HTTP-Method-Override,User-Agent,Origin,Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-powered-by
Express
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
public, max-age=0
response
200
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
cloudflare
etag
W/"4040-172be838aa4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://cartascontratugas.pt
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrFCDZ7oLF5WMQvvS5I%2F311ZSiquwy%2FsUHtXa8Skx14ZTHXCObap4V55IaRGohxrTLb3EO5WHFkrZ%2BptGEBgOf%2B8igDvdE4NcETiSc%2BYCl1SPKPq8UaaHNwpq6TUZ9GFOpt6xynPf9dSJvxvIZY893Oufu06fKpYMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
6eddfdbbddb859e3-MXP
sdk.js
connect.facebook.net/pt_PT/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32b66fd798a628d45fe3fd27c1b2e083f6a61f7d1220ba938ee5dd1786099933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
S9LqeJGMTs5szBctCbWtQw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 18 Mar 2022 12:42:06 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
OcyNb5lh2FRULfKSYD6iulx6Z3V6uo1h5fIbimri6XQNMBN8ld3K68007E8Uw0qArT1vd08pFYO78TBj95M/+g==
x-fb-trip-id
686109401
x-fb-content-md5
0c03b6d63896558c2fcfa76be4ce4e20
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 18 Mar 2022 12:32:27 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e340e0611e5c79d9cb59866c170c783b"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/pt_PT/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_PT/sdk.js?hash=f70a8f1363f7969e20bf0385a618d71f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e326062ce655b001ecc3af6eb024bd05b2b2dc7026644e29379d92cfdca04bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cartascontratugas.pt/
Origin
https://cartascontratugas.pt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4SGBolUsAWhWgD+p7p5+uw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 18 Mar 2023 08:28:20 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82677
x-fb-rlafr
0
x-fb-debug
X+Mc8zWVdx4VzorDT9HQCHSY0qBJqy4iTF/+3fwrVFeId9nnPC2nisDzrgB5YuFgvuWyA6ez1gaiq56QMSE9EA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4c1c52b47e1544e13a4cfd875fd9e9f3
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 12:32:27 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"4e4751dd03b69d0ddbd571d14100670b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
imp.gif
cartascontratugas.pt/detroitchicago/ 		43 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%225%2C3%2C1%2C82%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A0%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A181667%2C%22domain_test_group%22%3A20210304%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A3%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22239%22%2C%22iab_category_1%22%3A%22271%22%2C%22iab_category_2%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A0%2C%22page_ad_positions%22%3A%221100%2C1120%2C1125%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22f9026a93-9186-4bb8-62df-1e75598a3565%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A21001%2C%22response_time_orig%22%3A42%2C%22serverid%22%3A%2218.156.118.63%3A19694%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1120%2C1125%2C1126%22%2C%22t_epoch%22%3A1647606746%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcartascontratugas.pt%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A101%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
47
expires
Thu, 17 Mar 2022 12:32:30 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 25 Mar 2022 12:32:27 GMT
cmbdv2.js
cartascontratugas.pt/detroitchicago/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/cmbdv2.js?gcb=195-2&cb=03-5y0c-5y18-4y37-23y5a-21&cmbcb=28&sj=x03x0cx18x37x5a
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
393cf059847f414f58a0493b891f950f4d62492292fc69964ad2c378071e3acd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
nmash.js
cartascontratugas.pt/porpoiseant/ 		24 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/porpoiseant/nmash.js?v=107
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
nginx
etag
"6003-5d9e556d39bc0;5d9e556d39bc0-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11976010-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1661
date
Fri, 18 Mar 2022 12:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Mar 2022 14:04:46 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		294 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5902083285302779&plah=cartascontratugas.pt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108579
x-xss-protection
0
server
cafe
etag
4861168965344539476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Mar 2022 12:32:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 19BA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Thu, 17 Mar 2022 20:47:02 GMT
expires
Thu, 31 Mar 2022 20:47:02 GMT
cache-control
public, max-age=1209600
age
56725
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 02:07:36 GMT
via
1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
age
37492
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
x-amz-cf-id
3PBJdd2Y8pkr6PFVfX_EMIOJEBLMb8MwagEYsywREA1kul6yXmx6qg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=174643493&t=pageview&_s=1&dl=https%3A%2F%2Fcartascontratugas.pt%2F&ul=en-us&de=UTF-8&dt=Cartas%20Contra%20Tugas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1463730573&gjid=1881202010&cid=224536402.1647606748&tid=UA-11976010-2&_gid=360694222.1647606748&_r=1&gtm=2ou3e0&z=1522968075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cartascontratugas.pt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 12:32:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11976010-2&cid=224536402.1647606748&jid=1463730573&gjid=1881202010&_gid=360694222.1647606748&_u=YEBAAUAAAAAAAC~&z=1811770265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cartascontratugas.pt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Mar 2022 12:32:27 GMT
content-type
text/plain
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
houston.js
cartascontratugas.pt/detroitchicago/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/houston.js?gcb=2&cb=16
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1351
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cartascontratugas.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cartascontratugas.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		897 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617497061099835&correlator=2112650755613279&eid=31065690%2C44759850%2C31065658%2C44755510&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21732118914%3A21940649733%2Ccartascontratugas_pt-box-2%2Ccartascontratugas_pt-box-4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=468x60%2C300x250&ifi=3&adks=1878980118%2C1307313700&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=a%3D%257C254%257C%26iid1%3D2684316986633516%26eid%3D2684316986633516%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcartascontratugas_pt-box-2-2684316986633516%26eb_br%3D91e22f7223f09c1ff1a7040043fe9b1b%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D0%26bvm%3D2%26bvr%3D2%26shp%3D1%26acptad%3D1%26br1%3D32%26br2%3D16%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%7Ca%3D%257C254%257C%26iid1%3D2092625314652044%26eid%3D2092625314652044%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1120%26sap%3D1120%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcartascontratugas_pt-box-4-2092625314652044%26eb_br%3Dbb779436aa3533ea7e00abe462374b80%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D200%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C13%2C120%2C27%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C2310%2C2339%2C2526%2C2527&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1647606747687&lmt=1647606747&dlt=1647606747179&idt=361&biw=1600&bih=1200&adxs=566%2C815&adys=87%2C508&oid=2&ucis=1%7C2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcartascontratugas.pt%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1570x60%7C770x250&msz=468x60%7C770x250&fws=0%2C0&ohw=0%2C0&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=true&btvi=0%7C0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
049c48e42b71a56d6edf9ea6ec65b82bff494c11d91993f38184d3b5876025f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4867 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 12:32:27 GMT
expires
Sat, 18 Mar 2023 12:32:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		224 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cartascontratugas.pt&callback=_gfp_s_&client=ca-pub-5902083285302779
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5902083285302779&plah=cartascontratugas.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
6b2153922a8aa21f7c18649997ce1855317d331f3349f9f8daa9f87c8a9a8693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcartascontratugas.pt%2F&tn=DIV&id=ezmobfooter&cls=ezmob-footer%20ezoic-floating-bottom%20ezo_ad%20ezmob-footer-desktop&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 12:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B7E9 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5902083285302779&output=html&adk=1812271804&adf=3025194257&lmt=1647606747&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C3%3A160%2C4%3A160%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fcartascontratugas.pt%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647606747569&bpp=2&bdt=391&idt=135&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4791852054520&frm=20&pv=2&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531397%2C44750773%2C44752536%2C31065371%2C44759850%2C31065658&oid=2&pvsid=1617497061099835&pem=286&tmod=654680202&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5902083285302779&plah=cartascontratugas.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 18 Mar 2022 12:32:27 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Mar 2022 12:32:27 GMT
cache-control
private
like.php
www.facebook.com/v2.11/plugins/ Frame 4383 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=149911925055378&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df182069cba68db8%26domain%3Dcartascontratugas.pt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcartascontratugas.pt%252Ff11d28e8e185fe8%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fcartascontratugas%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=false&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js?hash=f70a8f1363f7969e20bf0385a618d71f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca4c94372180cd0426c178fcd18199d3706638a29bc171e3c636cc6ba19f5442
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
4tq40kmDzhtfgKpt6x0SYixZZdZZ6FG+/xvRLNFgc7frQ++E4/vlGYAlCl4u9TBWc21saBfWy6eSK92E7fiBfw==
date
Fri, 18 Mar 2022 12:32:27 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617497061099835&correlator=1391420968756866&eid=31065690%2C44759850%2C31065658%2C44755510&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21732118914%3A21940649733%2Ccartascontratugas_pt-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=2318699267&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8428849956629522%26eid%3D8428849956629522%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dcartascontratugas_pt-medrectangle-2-8428849956629522%26eb_br%3Dfdeb1c0131f36a890082d4fe8e1da0d1%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C206%2C154%2C4%2C134%2C122%2C153%2C20%2C71%2C145%2C205%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C899%2C919%2C2339&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1647606747760&lmt=1647606747&dlt=1647606747179&idt=361&biw=1600&bih=1200&adxs=436&adys=1110&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcartascontratugas.pt%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
b9fa25b9fd31bd5675aa9b37323915ac7bab977ed41cbb1b341cdc34facb3942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=130815604;labels=Domain.cartascontratugas_pt%2CDomainId.181667;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcartascontratugas.pt%2F;uht=2;fpan=1;fpa=P0-374234009-1647606747766;pbc=;ns=0;ce=1;qj...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=130815604;labels=Domain.cartascontratugas_pt%2CDomainId.181667;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcartascontratugas.pt%2F;uht=2;fpan=1;fpa=P0-374234009-1647606747766;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=cartascontratugas.pt;je=0;sr=1600x1200x24;dst=0;et=1647606747765;tzo=0;ogl=
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 12:32:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DA03 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5308428885024456&output=html&h=15&slotname=8698756055&adk=238915046&adf=3499390580&pi=t.ma~as.8698756055&w=728&lmt=1647606747&psa=0&channel=6238093103&url=https%3A%2F%2Fcartascontratugas.pt%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647606747571&bpp=1&bdt=393&idt=197&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4791852054520&frm=20&pv=2&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531397%2C44750773%2C44752536%2C31065371%2C44759850%2C31065658&oid=2&pvsid=1617497061099835&pem=286&tmod=654680202&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=s8Dz6sMqVM&p=https%3A//cartascontratugas.pt&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5902083285302779&plah=cartascontratugas.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 18 Mar 2022 12:32:27 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Mar 2022 12:32:27 GMT
cache-control
private
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 4383 		400 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=149911925055378&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df182069cba68db8%26domain%3Dcartascontratugas.pt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcartascontratugas.pt%252Ff11d28e8e185fe8%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fcartascontratugas%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=false&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
400
x-fb-rlafr
0
x-fb-debug
d/6wdouCoK3OK7fvULlH7vBf1hKxg9k1tL9kXO1GgR9/6Ey5Rx0eqYwo5rPj87fBJFPodKLwvsJ5AwAbuv71jg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 10 Mar 2023 03:21:24 GMT
O1HAmSXE-0h.js
static.xx.fbcdn.net/rsrc.php/v3iwQw4/y-/l/pt_PT/ Frame 4383 		523 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iwQw4/y-/l/pt_PT/O1HAmSXE-0h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=149911925055378&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df182069cba68db8%26domain%3Dcartascontratugas.pt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcartascontratugas.pt%252Ff11d28e8e185fe8%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fcartascontratugas%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=false&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f1df8b871ea1777c93e8e6c07189d18ea144e25598ec1d4ab8c85dcf7089bc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
I2FRVXGwCpNAO2TSX6CoqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139497
x-fb-rlafr
0
x-fb-debug
4eKQ0uYyAyDK3duXDXQ6APAieW5pOigg7xgOgdBysKU/8OEV7murX4xbfR+FUDU765WWb8klZKu413rfHm2fEA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 18 Mar 2023 01:34:01 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 4383 		67 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1647606747863&t_start=1647606747863&t_domcontent=1647606747868&t_layout=1647606747916&t_onload=1647606747916&t_paint=1647606747916&t_creport=1647606747916&t_tti=1647606747868&lid=7076417095998195092-0
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=149911925055378&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df182069cba68db8%26domain%3Dcartascontratugas.pt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcartascontratugas.pt%252Ff11d28e8e185fe8%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2Fcartascontratugas%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=false&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
W0uPCm/nBtiyNDOP6kQlfLGWkXLGPyjYMS6yn+H+ZrmXqgl/+SmvcrkCJad5owl76FUG+0Hi519CFcqCN9TvUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 18 Mar 2022 12:32:27 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dark-bottom.css
cartascontratugas.pt/ezoic/styles/ 		3 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/ezoic/styles/dark-bottom.css
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/ezoic/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 23:11:51 GMT
server
nginx
etag
"bd7-5d9e556d39bc0-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
725
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82177c9096f21876ecb45e5c9068800d3cab3f0a4d70bb6a80fe8a9feaef57d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 12:32:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78A5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 12:04:04 GMT
expires
Sat, 18 Mar 2023 12:04:04 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1704
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1332 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b253810437f52ef20c90a40178ded51c94aeb83f864eaa77046683e0c344af59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CAEwbCQppuQ5WVf1yTza8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 12:32:28 GMT
date
Fri, 18 Mar 2022 12:32:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-CAEwbCQppuQ5WVf1yTza8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
greenoaks.gif
cartascontratugas.pt/detroitchicago/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZjkwMjZhOTMtOTE4Ni00YmI4LTYyZGYtMWU3NTU5OGEzNTY1IiwiZG9tYWluX2lkIjoiMTgxNjY3IiwidF9lcG9jaCI6MTY0NzYwNjc0NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDMtMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImY5MDI2YTkzLTkxODYtNGJiOC02MmRmLTFlNzU1OThhMzU2NSIsImRvbWFpbl9pZCI6IjE4MTY2NyIsInRfZXBvY2giOjE2NDc2MDY3NDYsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Thu, 17 Mar 2022 12:32:23 GMT
greenoaks.gif
cartascontratugas.pt/detroitchicago/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxMjUifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjU1MCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNyJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI1NTMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI1NzIifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNzM1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZjkwMjZhOTMtOTE4Ni00YmI4LTYyZGYtMWU3NTU5OGEzNTY1IiwiZG9tYWluX2lkIjoiMTgxNjY3IiwidF9lcG9jaCI6MTY0NzYwNjc0NiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiODcxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZjkwMjZhOTMtOTE4Ni00YmI4LTYyZGYtMWU3NTU5OGEzNTY1IiwiZG9tYWluX2lkIjoiMTgxNjY3IiwidF9lcG9jaCI6MTY0NzYwNjc0NiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI4NzEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZjkwMjZhOTMtOTE4Ni00YmI4LTYyZGYtMWU3NTU5OGEzNTY1IiwiZG9tYWluX2lkIjoiMTgxNjY3IiwidF9lcG9jaCI6MTY0NzYwNjc0NiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjYifV19XQ==
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Thu, 17 Mar 2022 12:32:40 GMT
greenoaks.gif
cartascontratugas.pt/detroitchicago/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartascontratugas.pt/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmOTAyNmE5My05MTg2LTRiYjgtNjJkZi0xZTc1NTk4YTM1NjUiLCJkb21haW5faWQiOiIxODE2NjciLCJ0X2Vwb2NoIjoxNjQ3NjA2NzQ2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZjkwMjZhOTMtOTE4Ni00YmI4LTYyZGYtMWU3NTU5OGEzNTY1IiwiZG9tYWluX2lkIjoiMTgxNjY3IiwidF9lcG9jaCI6MTY0NzYwNjc0NiwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiI4NzkifV19XQ==
Requested by
Host: cartascontratugas.pt
URL: https://cartascontratugas.pt/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y36-23y55-1y59-21&cmbcb=28&sj=x04x02x06x07x0bx0dx13x17x21x36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Thu, 17 Mar 2022 12:32:29 GMT
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame 78A5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
310624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:15:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1332 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=1617497061099835&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 78A5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pEtVRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=1617497061099835&bg=!gIOlg8fNAAba2mK92to7ACkAdvg8WmP0HUoTEyGoCQ7JqKbeVpzSejvlEsnDhcxOjtPXLOiLjju5oQIAAABXUgAAAAJoAQcKAFNevEG4xnDMBWI0RuJGapQV4AYWEwuj3_eumIMkPd02vqvUo88OTZhFTVhoOpcCwrLPxa7gpZfpXZvsdBhH787-6bbbV9Wkld-n10qoT8QC5TXCnpkC4Znkls2vWl8ngx714XHDRlUo0ah8ntrPJeQg4B15MaBbWtN6RNNp6KNpm535a_Z0k4ZZKRPhcM_TD5OdkFDPVtkMPfMH3ElbCQ3cqaeYAMuOsfIEqf7hsJ8la2D_SaMj4VVddWF839Upf1WFaJnSDh9d95K51PeL6Uj9Dy9u3_6nP0XnBhB-VxdAKeYptSMPXqODcdT8p33FceV9bZomeIS4eb-Tkh0WjaW7GyBhhQca2elyxNLQnPYEbd0n1MuX4-hkhIfDeq8f9cMSwkY_F1_SYb9Cf971vRTbaa1G4FdylE1_YbZJv1j5DCwF5j1ULD3Jc9V9Rxj7NVP8gtITueI1W0tsDniM9x-MA72LtGACeS685_brSBJHaBhA5DXPDj5yqJoY4Q7jEyifd0WYY2CKS4YFgJYa8qH9tD4kJeob43RIhFj_1_9Dqp8YI2LuHNAkeU92Cw2ku7LsyPPq4ihxWoVhLcI2bDQmn-IPodVUEPO9UNj26oo3V7v8ZJ02O3uMlRt_DmI6XfGPTHTgX7vwBkJ3pTXTSOdL8-9iOsu33Y1cC-NCCFWo-BtLI8NtlZrSxwf0zvKtrW4DSzuaxr_xvuTmcdzGa8AXhasOiHLlzrt10oz5R01KyTg9wUgXJy0UMK3q0eHYMU2GpmdAkQlROpmuRutk-NKn8l1ANOXM7o3SX-d3WKppm0EyEFiu2EFCsmYG1jHAkFVzjM-lMaJ4kS0WG5kH4G53FnVVsJQaUkPDapp2n2GiZX0btajO_ghF5jbkibMsQNq2eduKW87fMChUz6QEwKz_Sk8J3F2OljjOWDa6_J7PCKM8TLQjGZg-5pAQRDcARwkr7fKKAKqRqGJRhaZPWzSQwE-mYFXNMA9Rz7Gz3yMXiUXWrInc3TkNmnX0DhtOm9KyiPthj3jaJ99x6OEmDsNfnZeWEIjqPZZAgzE0iJow_qUoySRdaFgQNKcNgweAvHm1TowxIEA0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 12:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cartascontratugas.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cartascontratugas.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 12:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		432 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617497061099835&correlator=3107233879590570&eid=31065690%2C44759850%2C31065658%2C44755510&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21732118914%3A21940649733%2Ccartascontratugas_pt-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1307313700&sfv=1-0-38&ecs=20220318&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C254%257C%26iid1%3D2092625314652044%26eid%3D2092625314652044%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1120%26sap%3D1120%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcartascontratugas_pt-box-4-2092625314652044%26eb_br%3D2b579bd406d80336360cc9360dca858a%2Ca495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D100%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C13%2C120%2C27%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C2310%2C2339%2C2526%2C2527%2C17%2C2351%2C2610%26lb%3D200%26reqt%3D1647606751091&eri=1&sc=1&cookie=ID%3Df43baf17556931b5-22f7bcde60cd00cc%3AT%3D1647606747%3AS%3DALNI_MYL8p3VyDtuLqofLbF34kEVjVU3AQ&abxe=1&dt=1647606751097&lmt=1647606751&dlt=1647606747179&idt=361&biw=1600&bih=1200&adxs=815&adys=536&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcartascontratugas.pt%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=770x250&msz=770x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
8086c9cebe8b8f8737773514bc3c6d33f7bb5d70af3c027c31a3919204670493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		431 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617497061099835&correlator=1745695673411350&eid=31065690%2C44759850%2C31065658%2C44755510&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21732118914%3A21940649733%2Ccartascontratugas_pt-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=7&adks=1878980118&sfv=1-0-38&ecs=20220318&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C254%257C%26iid1%3D2684316986633516%26eid%3D2684316986633516%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcartascontratugas_pt-box-2-2684316986633516%26eb_br%3Dfe1f34fd0c4fe8bf8d52adece55deeb2%2C674294a1b21a1e89fc99c14c9b17be44%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D0%26bvm%3D2%26bvr%3D2%26shp%3D1%26acptad%3D1%26br1%3D28%26br2%3D16%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%26lb%3D32%26reqt%3D1647606751100&eri=1&sc=1&cookie=ID%3Df43baf17556931b5-22f7bcde60cd00cc%3AT%3D1647606747%3AS%3DALNI_MYL8p3VyDtuLqofLbF34kEVjVU3AQ&abxe=1&dt=1647606751104&lmt=1647606751&dlt=1647606747179&idt=361&biw=1600&bih=1200&adxs=566&adys=87&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcartascontratugas.pt%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1570x60&msz=468x60&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
db4943124824e7834261750f95067d64fd6c1d48bae9bf45e8a3b1ff8e0bf17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		440 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617497061099835&correlator=3187344213791883&eid=31065690%2C44759850%2C31065658%2C44755510&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21732118914%3A21940649733%2Ccartascontratugas_pt-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2318699267&sfv=1-0-38&ecs=20220318&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8428849956629522%26eid%3D8428849956629522%26t%3D134%26d%3D181667%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dcartascontratugas_pt-medrectangle-2-8428849956629522%26eb_br%3D2acc48f80457fdc6d4d6786673884135%2Cc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D11304%26asau%3D2735210176%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26br1%3D280%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C206%2C154%2C4%2C134%2C122%2C153%2C20%2C71%2C145%2C205%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C899%2C919%2C2339%2C20%2C2310%2C2526%2C2527%26lb%3D550%26reqt%3D1647606751108&eri=1&sc=1&cookie=ID%3Df43baf17556931b5-22f7bcde60cd00cc%3AT%3D1647606747%3AS%3DALNI_MYL8p3VyDtuLqofLbF34kEVjVU3AQ&abxe=1&dt=1647606751114&lmt=1647606751&dlt=1647606747179&idt=361&biw=1600&bih=1200&adxs=436&adys=1110&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fcartascontratugas.pt%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=224536402.1647606748&ga_sid=1647606748&ga_hid=174643493&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sof01s11-in-f98.1e100.net
Software
cafe /
Resource Hash
47642b5eb3d9bd20137ca268df238b16dd3622f1db27f1e16b44bcf85071dd7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cartascontratugas.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 12:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cartascontratugas.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ackbure.pro
URL
https://ackbure.pro/c/DD9.6/bh2j5YliS-W/Qp9/NbDLEBzFOuTVQDzkMHiA0/0WM/TCM/5TNqDIM/zd

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored object| __ez string| __sellerid string| __ez_nid object| ezasVars number| stPixelInterval object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent function| ezaslEvent object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoSTPixelFire boolean| ezhbopt object| __banger_pmp_deals object| _ebcids number| ezobv function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById function| ezSetTargetingFromMap object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| __ez_fad_fastd object| __ez_fad_fastdiv object| __ez_fad_fastslots object| __ez_fad_viewslots object| __ez_fad_instaslots object| ezslit_run object| __ez_fad_divs object| __ez_fad_divsd number| __ez_fad_vw number| __ez_fad_vh number| __ez_fad_count function| __ez_fad_invisible function| __ez_fad_position function| __ez_fad_fast function| __ez_fad_csnt boolean| __ez_fad_haspo function| __ez_fad_rdy function| __ez_fad_docht function| __ez_fad_vpht function| __ez_close_anchor function| __ez_set_cnx_floor number| __ez_fad_doc_ht number| __ez_fad_vp_ht boolean| __ez_fad_hascp object| ez_ad_units object| ezslots object| ezsrqt object| __ez_fad_divpos object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezoibfh object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb object| adsbygoogle boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| gtag object| dataLayer object| ggeac object| google_js_reporting_queue object| cookieconsent_options boolean| hasCookieConsent string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did number| _ez_fad_vw function| $ function| jQuery object| FB function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux function| _ez_TOS_TrackEvent object| metricNameMap function| ezlogVital object| _qevents object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count object| webVitals string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL object| ezomash function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosethbbids function| ezoSyncToDfp function| ezoGetDFPSlot function| ezGetSlotViewedTime function| formatBid function| adjustHbValues function| ezasBuild function| ezorefgsl object| google_tag_manager boolean| google_measure_js_timing object| google_tag_data string| GoogleAnalyticsObject function| ga number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| ezoChar function| ezoCharSize function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData function| html2canvas object| ko function| moment function| _ object| Game object| Chat function| switchTheme function| saveName function| hideCookieNotice function| initChat function| chatListen function| interruptChatListen function| toggleNotifications function| notificationsAvailable function| showNotification function| AdminViewModel function| AdminUserViewModel function| CardViewModel function| MoveViewModel function| HandViewModel function| PlayerViewModel function| PlayViewModel undefined| nome function| ChatMessageViewModel function| ChatViewModel object| Join function| GameListViewModel function| JoinGameViewModel function| GameViewModel function| GameLobbyViewModel function| RegisterViewModel object| currentChatListenRequest object| $name function| __ez_fad_ezpbinit object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __allBidders function| __ez_tkn_evnt function| __ez_fad_scroll number| __ez_fad_scrollint function| __ez_fad_chkpos object| ezslot_2 object| ezslot_1 number| i3 object| googleToken object| googleIMState function| processGoogleToken object| ezRBA undefined| __ez_dims function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| uglipop object| ezslot_0 function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid function| update_cookieconsent_options object| perf_vals string| token object| GoogleGcLKhOms boolean| ezowwinit

24 Cookies

Domain/Path Name / Value
cartascontratugas.pt/ Name: connect.sid
Value: s%3AA5L2CAeuN3aGSH1twAMteMk3Dmr11QuR.L9zejIdEnO0cPoL7A9zn2orJZ9oafACJIH%2ByL5uRgYk
.cartascontratugas.pt/ Name: ezoadgid_181667
Value: -1
.cartascontratugas.pt/ Name: ezoref_181667
Value:
.cartascontratugas.pt/ Name: ezosuibasgeneris-1
Value: 27472aab-1dea-469a-5375-04151111a8f2
.cartascontratugas.pt/ Name: ezoab_181667
Value: mod1
.cartascontratugas.pt/ Name: active_template::181667
Value: pub_site.1647606746
.cartascontratugas.pt/ Name: ezopvc_181667
Value: 1
.cartascontratugas.pt/ Name: ezepvv
Value: 0
.cartascontratugas.pt/ Name: ezovid_181667
Value: 2010892476
.cartascontratugas.pt/ Name: lp_181667
Value: https://cartascontratugas.pt/
.cartascontratugas.pt/ Name: ezovuuidtime_181667
Value: 1647606747
.cartascontratugas.pt/ Name: ezovuuid_181667
Value: a792b526-4ec1-4605-4c04-025d8a567403
cartascontratugas.pt/ Name: ezouspvv
Value: 0
cartascontratugas.pt/ Name: ezouspva
Value: 0
.cartascontratugas.pt/ Name: _ga
Value: GA1.2.224536402.1647606748
.cartascontratugas.pt/ Name: _gid
Value: GA1.2.360694222.1647606748
.cartascontratugas.pt/ Name: _gat_gtag_UA_11976010_2
Value: 1
cartascontratugas.pt/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
cartascontratugas.pt/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.quantserve.com/ Name: mc
Value: 62347bdb-c10c1-45643-4e424
.cartascontratugas.pt/ Name: __qca
Value: P0-374234009-1647606747766
cartascontratugas.pt/ Name: ezux_lpl_181667
Value: 1647606747918|f9026a93-9186-4bb8-62df-1e75598a3565|false
.cartascontratugas.pt/ Name: __gads
Value: ID=f43baf17556931b5:T=1647606747:S=ALNI_MY8x80-uZwgHKm8j4VRi9afN121hg
.doubleclick.net/ Name: IDE
Value: AHWqTUnNF3iwhd2LhgW_rWWonNdkt0YvNvp7yg8wIIlQQBQ7nnHHuvm7IPQO5OClNfg

1 Console Messages

Source Level URL
Text
network error URL: https://ackbure.pro/c/DD9.6/bh2j5YliS-W/Qp9/NbDLEBzFOuTVQDzkMHiA0/0WM/TCM/5TNqDIM/zd
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ackbure.pro
adservice.google.com
adservice.google.de
b9ea93dbff0aad95328edb38e2c72af5.safeframe.googlesyndication.com
cartascontratugas.pt
cdn-0.cartascontratugas.pt
connect.facebook.net
go.ezodn.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
ackbure.pro
18.159.80.129
216.58.208.98
2600:9000:20c3:3000:6:44e3:f8c0:93a1
2606:4700:3031::6815:496e
2606:4700:3035::ac43:c822
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
049c48e42b71a56d6edf9ea6ec65b82bff494c11d91993f38184d3b5876025f2
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
130f2f612b8ba840db6a5ac925abd6108c8ffc35c4f678a596116b071be95258
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
2dc08df2011d1ad2ba46e00cb7bc5eedaff71bc932b066d2c5640b5996543431
306c6712cf853ae865d9dc6b40458b1e8c76c7a56cc7c0c75043cecd85a8e24a
32b66fd798a628d45fe3fd27c1b2e083f6a61f7d1220ba938ee5dd1786099933
393cf059847f414f58a0493b891f950f4d62492292fc69964ad2c378071e3acd
47642b5eb3d9bd20137ca268df238b16dd3622f1db27f1e16b44bcf85071dd7b
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66b907135310862a4055f4d2c9f56b2380d306285c913ef677891d126ecf92d1
6b2153922a8aa21f7c18649997ce1855317d331f3349f9f8daa9f87c8a9a8693
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c80fb7ca2eb065729a1e8ead88f1514f83c23601c1cc5edc514d13ec161dbf6
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
779b05180e51ca1e53cdd0320be18008d233bc40946e37104e4f639886b93ab9
8086c9cebe8b8f8737773514bc3c6d33f7bb5d70af3c027c31a3919204670493
82177c9096f21876ecb45e5c9068800d3cab3f0a4d70bb6a80fe8a9feaef57d1
8293be81465385971886aed840dd29c946f3f900775242b4f502dbff7f38caec
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
8a0614e857853f6b0c87922b477c236bf4e0d7d6aaaff9fdf70d5bf500a2ed5f
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9f1df8b871ea1777c93e8e6c07189d18ea144e25598ec1d4ab8c85dcf7089bc9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b253810437f52ef20c90a40178ded51c94aeb83f864eaa77046683e0c344af59
b9fa25b9fd31bd5675aa9b37323915ac7bab977ed41cbb1b341cdc34facb3942
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4c94372180cd0426c178fcd18199d3706638a29bc171e3c636cc6ba19f5442
db4943124824e7834261750f95067d64fd6c1d48bae9bf45e8a3b1ff8e0bf17c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e326062ce655b001ecc3af6eb024bd05b2b2dc7026644e29379d92cfdca04bf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41854e6ee29797f26b5ae261cebad41f4e92c4e6bdd6dd46efb101ab9e52029
ebdf29b74b184013aedeaf8198f9895d237fcd84d42ff56abbc2fe87b3f63f7e
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
fe4192c7ff350f45afc986aa22b79448418e90e7947c23561f297a8eecd6eced
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb