urlscan.io logo urlscan.io
SecurityTrails logo

login.deco.proteste.pt Open in urlscan Pro
2606:4700::6812:8509  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.deco.proteste.pt/area-pessoal/resultados-das-minhas-simulacoes
Effective URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.d...
Submission: On December 08 via manual from PT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 39 HTTP transactions. The main IP is 2606:4700::6812:8509, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.deco.proteste.pt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.
This is the only time login.deco.proteste.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700::6812:8509 (United States)

ASN13335 (CLOUDFLARENET, US)
www.deco.proteste.pt
login.deco.proteste.pt
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    51.38.53.35 (France)

ASN16276 (OVH, FR)
PTR: ns3107307.ip-51-38-53.eu
gapt.hit.gemius.pl
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    13.69.106.211 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
16 login.deco.proteste.pt login.deco.proteste.pt
az416426.vo.msecnd.net
9 www.google-analytics.com www.googletagmanager.com
login.deco.proteste.pt
www.google-analytics.com
az416426.vo.msecnd.net
4 gapt.hit.gemius.pl 1 redirects login.deco.proteste.pt
gapt.hit.gemius.pl
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 stats.g.doubleclick.net az416426.vo.msecnd.net
2 www.googletagmanager.com login.deco.proteste.pt
1 www.google.de login.deco.proteste.pt
1 www.google.com login.deco.proteste.pt
1 ls.hit.gemius.pl gapt.hit.gemius.pl
1 az416426.vo.msecnd.net login.deco.proteste.pt
1 cdnjs.cloudflare.com login.deco.proteste.pt
1 www.deco.proteste.pt 1 redirects
39 12

This site contains links to these domains. Also see Links.

Domain
www.deco.proteste.pt
Subject Issuer Validity Valid
proteste.pt
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01		 2021-07-22 -
2022-07-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Frame ID: B913A122952D63EFA28A265216CB3B82
Requests: 37 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 5C4F67E0B62EF8693556CD70313F376C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inicie a sessão

Page URL History Show full URLs

  1. https://www.deco.proteste.pt/area-pessoal/resultados-das-minhas-simulacoes HTTP 302
    https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply... Page URL

Page Statistics

39
Requests

97 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

675 kB
Transfer

1554 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.deco.proteste.pt/area-pessoal/resultados-das-minhas-simulacoes HTTP 302
    https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://gapt.hit.gemius.pl/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=7jklZ88fVWDXWxLAsou6jbQZ0PO2XIT_xI_Sv_LWGIn.07yJ1kCD9n6oiWU5L.PGerA2Cvy76wxoNNryQXuoqMcn3kf5/WwwPLP.xIXjO2/&fpdata=i7GAdC7NzCnTk5mPUZhaR95yGwEK8GMaI5vuTLiCWK3.h7&vis=1&fpcap= HTTP 301
  • https://gapt.hit.gemius.pl/__/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=7jklZ88fVWDXWxLAsou6jbQZ0PO2XIT_xI_Sv_LWGIn.07yJ1kCD9n6oiWU5L.PGerA2Cvy76wxoNNryQXuoqMcn3kf5/WwwPLP.xIXjO2/&fpdata=i7GAdC7NzCnTk5mPUZhaR95yGwEK8GMaI5vuTLiCWK3.h7&vis=1&fpcap=

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.deco.proteste.pt/
Redirect Chain
  • https://www.deco.proteste.pt/area-pessoal/resultados-das-minhas-simulacoes
  • https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=...
14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0be14d721e6e23b2d5ebb2e8c121653b01da1ed4573de5bc2bb258bfb407601
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors https://www.deco.proteste.pt/ https://*.deco.proteste.pt http://*.conseur.org
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.deco.proteste.pt/ https://*.deco.proteste.pt
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
p3p
CP="NONE"
x-aspnetmvc-version
5.2
x-frame-options
ALLOW-FROM https://www.deco.proteste.pt/ https://*.deco.proteste.pt
content-security-policy
upgrade-insecure-requests; frame-ancestors https://www.deco.proteste.pt/ https://*.deco.proteste.pt http://*.conseur.org
x-xss-protection
1; mode=block
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6ba84879c85383b4-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-type
text/html; charset=utf-8
location
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
cache-control
no-cache, no-store
pragma
no-cache
expires
-1
x-frame-options
SAMEORIGIN
ec-machine
INT-ASCPT-PWS09
ec-corrid
bb413f62493242e4bb6fa12ce7d991e9
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
access-control-expose-headers
Request-Context
content-security-policy
upgrade-insecure-requests;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6ba84877188b83b4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
490038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvYVDwFd5DPg6IOGABKXZrmqdosaUTGvs5frRApB9JSrvfyaeB2i%2BH1Hj7%2BZsWc%2BgmWD%2Fi7CTeccNIBqeBvRtjqZOz0fjtTKKlA4MO8lKWLZyfvkUQcs0OnX2h4jFu5NXXgwvbOKiv6%2BU34%2FyrkzoPKG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ba8487d194059d1-MXP
expires
Mon, 28 Nov 2022 19:08:34 GMT
bean-bundle-css
login.deco.proteste.pt/bundles/ 		65 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a9be938ee9edbcc8c62e7f1f495b9c56990a2772979a88b05c58e0bca8d07ee4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
last-modified
Wed, 08 Dec 2021 19:08:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
content-security-policy
upgrade-insecure-requests;
cf-ray
6ba8487b8df083b4-MXP
expires
Thu, 08 Dec 2022 19:08:34 GMT
styles-local.css
login.deco.proteste.pt/content/virtual/combined/euroconsumers.pro.alinesc.pt-pt/ 		3 KB
739 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/content/virtual/combined/euroconsumers.pro.alinesc.pt-pt/styles-local.css?v=MjAyMC4xMi4xMC4yMzY2Mw
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bb13c1ae5a51325bfdf7c9e2e6165437d5003642e9439abe81c52cd9d3e1f610
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
last-modified
Wed, 08 Dec 2021 19:08:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
cf-ray
6ba8487bff4283b4-MXP
expires
Thu, 08 Dec 2022 19:08:34 GMT
bean-bundle-js
login.deco.proteste.pt/bundles/ 		391 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/bundles/bean-bundle-js?v=YbjdXgk0NCL1i-ku9J4MnyG-J8zSUoYWQkmrtfITX_Y1
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3be479d1167b27b7a75f7a86a8dc2e2270faa7c0dad40cfee92b72b5b8babbcc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
last-modified
Wed, 08 Dec 2021 19:08:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
content-security-policy
upgrade-insecure-requests;
cf-ray
6ba8487bff4383b4-MXP
expires
Thu, 08 Dec 2022 19:08:34 GMT
bean.all.js
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		3 B
74 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/bean.all.js?v=MjAyMC4xMi4xMC4yMzY2Mw
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
cf-ray
6ba8487bff4683b4-MXP
expires
Thu, 08 Dec 2022 19:08:34 GMT
bean.login.js
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		701 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/bean.login.js?v=MjAyMC4xMi4xMC4yMzY2Mw
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2c0fb933e324a0e1185c7b0843c6a8ece6c260fbfaddcff5e4550aaeec9d6bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
cf-ray
6ba8487bff4783b4-MXP
expires
Thu, 08 Dec 2022 19:08:34 GMT
api.js
login.deco.proteste.pt/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript
vary
Accept-Encoding
cache-control
max-age=604800, public
cf-ray
6ba8487d48d00e2a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1280
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
62b5c26e-d01e-0079-3964-ec1451000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 08 Dec 2021 19:38:34 GMT
UpdateDeviceType
login.deco.proteste.pt/ContentService/ 		16 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/ContentService/UpdateDeviceType?deviceType=desktop
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/bundles/bean-bundle-js?v=YbjdXgk0NCL1i-ku9J4MnyG-J8zSUoYWQkmrtfITX_Y1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors https://www.deco.proteste.pt/ https://*.deco.proteste.pt http://*.conseur.org
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.deco.proteste.pt/ https://*.deco.proteste.pt
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16
x-xss-protection
1; mode=block
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
ALLOW-FROM https://www.deco.proteste.pt/ https://*.deco.proteste.pt
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private
content-security-policy
upgrade-insecure-requests; frame-ancestors https://www.deco.proteste.pt/ https://*.deco.proteste.pt http://*.conseur.org
cf-ray
6ba8487da9a40e2a-MXP
gtm.js
www.googletagmanager.com/ 		118 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-59ZNVG
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1e81e5a3cabca062e849aa515ea317d36ebc9e6509d0fe60c2fc9f50ce8ecf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43341
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Dec 2021 19:08:34 GMT
bgtransparent.png
login.deco.proteste.pt/content/root/ 		38 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/root/bgtransparent.png
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30737638e14ad4b957636666b26e22a1ce0550224775d260c11d4bd92519d720
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:34 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
ASP.NET
p3p
CP="NONE"
content-disposition
inline; filename="bgtransparent.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
expires
Thu, 08 Dec 2022 19:08:34 GMT
last-modified
Tue, 30 Nov 2021 12:07:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"015bbe2e2e5d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
cf-polished
origFmt=png, origSize=162
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8487da9b00e2a-MXP
cf-bgj
imgq:100,h2pri
logo-fb.png
login.deco.proteste.pt/content/root/ 		888 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/root/logo-fb.png
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ccca156dc91e989533b50688c460cd5969e817af988ac9a87a00a4fa778724ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
ASP.NET
p3p
CP="NONE"
content-disposition
inline; filename="logo-fb.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
888
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
expires
Thu, 08 Dec 2022 19:08:35 GMT
last-modified
Tue, 30 Nov 2021 12:07:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"042ece3e2e5d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
cf-polished
origFmt=png, origSize=2053
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8487da9b60e2a-MXP
cf-bgj
imgq:100,h2pri
logo-twitter.png
login.deco.proteste.pt/content/root/ 		622 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/root/logo-twitter.png
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3dea47463c2f210d351f46d7a3c8fd558b29e60ef34c7238e74d410489f6bf66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/bundles/bean-bundle-css?v=9H_ZCz7FYbgHjfKRbo36-nabEWUk_iNNdppkB75tAos1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
ASP.NET
p3p
CP="NONE"
content-disposition
inline; filename="logo-twitter.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
622
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
expires
Thu, 08 Dec 2022 19:08:34 GMT
last-modified
Tue, 30 Nov 2021 12:07:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"042ece3e2e5d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
cf-polished
origFmt=png, origSize=2116
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8487da9b80e2a-MXP
cf-bgj
imgq:100,h2pri
result
login.deco.proteste.pt/cdn-cgi/bm/cv/ 		0
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.deco.proteste.pt/cdn-cgi/bm/cv/result?req_id=6ba84879c85383b4
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Request-Id
|452c1b03bc49f94bb2042ddcf5438381.wzioe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
date
Wed, 08 Dec 2021 19:08:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cf-ray
6ba8487e4afb0e2a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59ZNVG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5616
date
Wed, 08 Dec 2021 17:34:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 08 Dec 2021 19:34:59 GMT
gtm.js
www.googletagmanager.com/ 		302 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M6HFS7S
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4ff6515e68a1e40f11c1aaceeb63168d59e75c13bc9f33e59b53098cf66a9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90688
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Dec 2021 19:08:35 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64737708-3&cid=507200409.1638990515&jid=316584981&gjid=1794412980&_gid=814321426.1638990515&_u=YGBAgEABAAAAAE~&z=287609810
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.deco.proteste.pt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Dec 2021 19:08:35 GMT
content-type
text/plain
access-control-allow-origin
https://login.deco.proteste.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=575319578&t=pageview&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=316584981&gjid=1794412980&cid=507200409.1638990515&tid=UA-64737708-3&_gid=814321426.1638990515&gtm=2wgc1059ZNVG&z=874835458
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		123 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5D79FMF&t=gtm8&cid=507200409.1638990515&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9842eaa00bc0de7d8e8bba82851ef94b975f64e8ba89b368a030f36695d2bb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41567
x-xss-protection
0
expires
Wed, 08 Dec 2021 19:08:35 GMT
xgemius.js
gapt.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gapt.hit.gemius.pl/xgemius.js
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.38.53.35 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3107307.ip-51-38-53.eu
Software
GHC /
Resource Hash
6a0abe549f1a0ff0ec26ec95fb6eba6ad90dbf8d72cdc684041df21d038c9cc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
content-encoding
gzip
last-modified
Wed, 24 Nov 2021 13:46:08 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Thu, 09 Dec 2021 07:08:35 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=575319578&t=pageview&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAG~&jid=1278399296&gjid=915140011&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&_r=1&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&z=1128157421
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.deco.proteste.pt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.deco.proteste.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
gapt.hit.gemius.pl/ 		280 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gapt.hit.gemius.pl/fpdata.js?href=login.deco.proteste.pt
Requested by
Host: gapt.hit.gemius.pl
URL: https://gapt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.38.53.35 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3107307.ip-51-38-53.eu
Software
GHC /
Resource Hash
a98774881b31a60a9ea0c65caafb8d81382af46219d4906820679a7e4f6ec70e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
280
expires
Fri, 07 Jan 2022 19:08:35 GMT
lsget.html
ls.hit.gemius.pl/ Frame 5C4F 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gapt.hit.gemius.pl
URL: https://gapt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
7064398d46cb4c1a9317152703b1bd6ae4884877e21b7d31bfda4e8e9527a756

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
expires
Fri, 07 Jan 2022 19:08:35 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2719
content-encoding
gzip
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-110138749-4&cid=507200409.1638990515&jid=1278399296&gjid=915140011&_gid=814321426.1638990515&_u=aGDACEADRAAAAG~&z=499335119
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.deco.proteste.pt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Dec 2021 19:08:35 GMT
content-type
text/plain
access-control-allow-origin
https://login.deco.proteste.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-110138749-4&cid=507200409.1638990515&jid=1278399296&_u=aGDACEADRAAAAG~&z=1994180026
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-110138749-4&cid=507200409.1638990515&jid=1278399296&_u=aGDACEADRAAAAG~&z=1994180026
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rexdot.js
gapt.hit.gemius.pl/__/_1638990515318/
Redirect Chain
  • https://gapt.hit.gemius.pl/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.deco....
  • https://gapt.hit.gemius.pl/__/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.de...
169 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gapt.hit.gemius.pl/__/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=7jklZ88fVWDXWxLAsou6jbQZ0PO2XIT_xI_Sv_LWGIn.07yJ1kCD9n6oiWU5L.PGerA2Cvy76wxoNNryQXuoqMcn3kf5/WwwPLP.xIXjO2/&fpdata=i7GAdC7NzCnTk5mPUZhaR95yGwEK8GMaI5vuTLiCWK3.h7&vis=1&fpcap=
Requested by
Host: login.deco.proteste.pt
URL: https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
Protocol
H2
Server
51.38.53.35 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3107307.ip-51-38-53.eu
Software
GHC /
Resource Hash
bca7f9dc7f6589c46678a8f6207ed8c7b810bf98a85baf84a00e86b0f3c11d06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 19:08:35 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 07 Dec 2021 19:08:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Dec 2021 19:08:35 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1638990515318/rexdot.js?l=100&id=d6ZF.YOmGbNUNRXdTljEtZXj.F4pP1hEwKQute6BN4H.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=7jklZ88fVWDXWxLAsou6jbQZ0PO2XIT_xI_Sv_LWGIn.07yJ1kCD9n6oiWU5L.PGerA2Cvy76wxoNNryQXuoqMcn3kf5/WwwPLP.xIXjO2/&fpdata=i7GAdC7NzCnTk5mPUZhaR95yGwEK8GMaI5vuTLiCWK3.h7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 07 Dec 2021 19:08:35 GMT
userpack-left.jpg
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/userpack-left.jpg?v=MjAyMC4xMi4xMC4yMzY2Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
898404a724adfa789a67791ae9256a7581b6e07bfe04c32cbf4aa22922857e7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
109602
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
etag
2CPlen7M8U2LNWD9WYO01w
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8488189520e2a-MXP
expires
Thu, 08 Dec 2022 19:08:35 GMT
logo-small.png
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/logo-small.png?v=MjAyMC4xMi4xMC4yMzY2Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2d73337f17cdea015e1516ad889674a0c9f9e96f690fc79e294a2a2eedf9f709
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4871
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
etag
2CPlen7M8U2LNWD9WYO01w
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8488189540e2a-MXP
expires
Thu, 08 Dec 2022 19:08:35 GMT
userpack-mobile1.jpg
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/userpack-mobile1.jpg?v=MjAyMC4xMi4xMC4yMzY2Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4e5410e5104cb3c4786511b0b64f3366060310d13c1f33a37e8900290dced84a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45507
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
etag
Y5ozoV8xh0WmChaqKz8wFg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba84881897a0e2a-MXP
expires
Thu, 08 Dec 2022 19:08:35 GMT
userpack-mobile2.jpg
login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.deco.proteste.pt/content/virtual/euroconsumers.pro.alinesc.pt-pt/userpack-mobile2.jpg?v=MjAyMC4xMi4xMC4yMzY2Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
925039ddd3ca461bf74a8f1bd136a9e02790f0d7ceb780279414c497a3d37786
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/?wa=wsignin1.0&wtrealm=eur%3a%2f%2feuroconsumers.pro.alinesc.pt-pt%2f&wreply=https%3a%2f%2fwww.deco.proteste.pt%2farea-pessoal%2fresultados-das-minhas-simulacoes&wct=2021-12-08T19%3a08%3a34Z&wctx=rm%3d0%26id%3dpassive%26ru%3d%252farea-pessoal%252fresultados-das-minhas-simulacoes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NONE"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
130128
request-context
appId=cid-v1:40f5f67e-1270-480e-b3cc-f108255e2977
x-aspnetmvc-version
5.2
server
cloudflare
x-frame-options
SAMEORIGIN
etag
Y5ozoV8xh0WmChaqKz8wFg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6ba8488199890e2a-MXP
expires
Thu, 08 Dec 2022 19:08:35 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=575319578&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Articles&ea=50%25%20Scroll%20Rate&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&cm1=20&z=1265884932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=575319578&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Articles&ea=50%25%20Scroll%20Rate&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&cm1=20&z=1372217514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=575319578&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Articles&ea=50%25%20Scroll%20Rate&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&cm1=20&z=1467463749
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=575319578&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Articles&ea=50%25%20Scroll%20Rate&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&cm1=20&z=45695174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=575319578&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin.deco.proteste.pt%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Deur%253a%252f%252feuroconsumers.pro.alinesc.pt-pt%252f%26wreply%3Dhttps%253a%252f%252fwww.deco.proteste.pt%252farea-pessoal%252fresultados-das-minhas-simulacoes%26wct%3D2021-12-08T19%253a08%253a34Z%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252farea-pessoal%25252fresultados-das-minhas-simulacoes&ul=en-us&de=UTF-8&dt=Inicie%20a%20sess%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Articles&ea=50%25%20Scroll%20Rate&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=507200409.1638990515&tid=UA-110138749-4&_gid=814321426.1638990515&gtm=2wgc10M6HFS7S&cg1=login%20-%20registration%20form&cg2=other%20content%20type&cd2=pt-PT&cd3=false&cd4=false&cd15=pt-PT&cd16=false&cd17=false&cd22=Anonymous&cd23=Anonymous&cd27=Anonymous%20User&cd28=Anonymous%20User&cd29=Prospect&cd30=Prospect&cd39=bean&cd40=bean&cd48=GA1.2.507200409.1638990515&cm1=20&z=2104204166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.deco.proteste.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 20:39:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://login.deco.proteste.pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 19:08:34 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec45badb70848e37c66ce362d86017a89247d694c14a27b3e8c695c44a96b6d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://login.deco.proteste.pt/
Accept-Language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
AFA8220B-5A61-40C3-B558-1A36E004D184
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 19:08:35 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| appInsights object| properties function| followBeanLink function| followBeanLinkBase64Encoded function| getParameterByName function| UpdateDeviceType function| ShowModalPopup function| ShowModalAndSetContentFromSitecore function| ShowModalAndSetPolicyContentFromSitecore function| OnSubmit function| ShowModalAndSetContentFromResourceKey function| ShowModalAndSetContentFromSiteCore function| ShowModalAndSetContentByKey function| convertLabelToPlaceholder function| UpdateModelContent function| hookConfirmationEmailMessage function| smoothScroll function| setEcPolicyCookie function| $ function| jQuery object| html5 object| Modernizr object| Detectizr string| realm object| dataLayer object| __CF$cv$params object| a0_0x433e function| a0_0x3d7e object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| postscribe object| google_tag_manager_external string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| setCookie function| getCookie function| eraseCookie function| cleanDomain function| addElement function| objToString object| utm_list object| sitelist object| exclusion_list object| search_engines_list function| assign_by_gclid_dclid function| find_utm_values function| match_subdomain function| assign_by_referral function| assign_by_utm function| get_and_store_all_for_debug function| channel_grouping object| old_cookie object| new_cookie string| source_value string| medium_value string| referral_value string| channel_group_value string| url object| user_values object| record object| mdm_value object| src_value object| ref_value object| chgr_value function| onYouTubeIframeAPIReady object| google_optimize object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt

17 Cookies

Domain/Path Name / Value
www.deco.proteste.pt/ Name: ASP.NET_SessionId
Value: grpjqdzhd0ebg3aemtxskiq0
www.deco.proteste.pt/ Name: __RequestVerificationToken
Value: UcAYjR2oqbhfbNf1Xe3rrnd8squ2V9hZxbbL3S4ooTrKIi6g_BJgzOsjoQ_yMCW3Ec4rLkJthQ6VqV9dwRghwXRr5Go1
login.deco.proteste.pt/ Name: ASP.NET_SessionId
Value: pl1xmnk4iys4rbycu0zatxjl
login.deco.proteste.pt/ Name: beanContextCookie
Value: latestMessage=d2E9d3NpZ25pbjEuMCZ3dHJlYWxtPWV1ciUzYSUyZiUyZmV1cm9jb25zdW1lcnMucHJvLmFsaW5lc2MucHQtcHQlMmYmd3JlcGx5PWh0dHBzJTNhJTJmJTJmd3d3LmRlY28ucHJvdGVzdGUucHQlMmZhcmVhLXBlc3NvYWwlMmZyZXN1bHRhZG9zLWRhcy1taW5oYXMtc2ltdWxhY29lcyZ3Y3Q9MjAyMS0xMi0wOFQxOSUzYTA4JTNhMzRaJndjdHg9cm0lM2QwJTI2aWQlM2RwYXNzaXZlJTI2cnUlM2QlMjUyZmFyZWEtcGVzc29hbCUyNTJmcmVzdWx0YWRvcy1kYXMtbWluaGFzLXNpbXVsYWNvZXM
login.deco.proteste.pt/ Name: __RequestVerificationToken
Value: kf-gUXf5oGEXzAcPOXoHs9gYn9DnLVX8aKXwfrDY9w-uew4Hc0ceu2l1kh3gD9MoDj-UPjv-46kLJPeaPKGSru9rAP_N4funsCwuWwoFMX01
login.deco.proteste.pt/ Name: ai_user
Value: 5TDpf|2021-12-08T19:08:34.853Z
.proteste.pt/ Name: __cf_bm
Value: f1tmmta_IPD57VhlG5T4zOEr4EQ5XLO9J3cxoR87eWo-1638990514-0-AQIfKh3RKzJGZlBq5A4CCQbWh4nAxlRbdqUHUWby0IrK8OFCEePnGXUL2Ru4EL5U5lvBTiEzEri6VNNPmrUxO+hAPHfH4hwW0HENeVggpAkpmDclv/gvYBslh9s2oHAqSw==
login.deco.proteste.pt/ Name: ai_session
Value: s+0gV|1638990514962.6|1638990514962.6
.proteste.pt/ Name: _ga
Value: GA1.2.507200409.1638990515
.proteste.pt/ Name: _gid
Value: GA1.2.814321426.1638990515
.proteste.pt/ Name: _dc_gtm_UA-64737708-3
Value: 1
.proteste.pt/ Name: _gcl_au
Value: 1.1.105498841.1638990515
.proteste.pt/ Name: new_ec_3rdChannelGrouping
Value: [-0: null,-1: null,-2: null,-3: null,-4: null,-5: null,-medium: "direct",-source: "none",-referrer: "",-ChannelGrouping: "Direct"-]
.proteste.pt/ Name: _gat_UA-110138749-4
Value: 1
.proteste.pt/ Name: __gfp_64b
Value: i7GAdC7NzCnTk5mPUZhaR95yGwEK8GMaI5vuTLiCWK3.h7|1638990515
.hit.gemius.pl/ Name: Gtest
Value: KlQH8RMGQMGGaFkmHHoDaniissGMXP8c25nSGst1wP4IXBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlSC4RaGQMGGaFkmHHoDaniissGMXP8c25nSGst1wP4IFRxSG7RrGS6GroXBFlM1YH8PlexaG0F6Sssa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors https://www.deco.proteste.pt/ https://*.deco.proteste.pt http://*.conseur.org
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.deco.proteste.pt/ https://*.deco.proteste.pt
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdnjs.cloudflare.com
dc.services.visualstudio.com
gapt.hit.gemius.pl
login.deco.proteste.pt
ls.hit.gemius.pl
stats.g.doubleclick.net
www.deco.proteste.pt
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.69.106.211
146.59.30.96
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:135e
2606:4700::6812:8509
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2003
2a00:1450:4001:829::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9c
51.38.53.35
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3
2d73337f17cdea015e1516ad889674a0c9f9e96f690fc79e294a2a2eedf9f709
30737638e14ad4b957636666b26e22a1ce0550224775d260c11d4bd92519d720
3be479d1167b27b7a75f7a86a8dc2e2270faa7c0dad40cfee92b72b5b8babbcc
3dea47463c2f210d351f46d7a3c8fd558b29e60ef34c7238e74d410489f6bf66
4e5410e5104cb3c4786511b0b64f3366060310d13c1f33a37e8900290dced84a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
6a0abe549f1a0ff0ec26ec95fb6eba6ad90dbf8d72cdc684041df21d038c9cc6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7064398d46cb4c1a9317152703b1bd6ae4884877e21b7d31bfda4e8e9527a756
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
898404a724adfa789a67791ae9256a7581b6e07bfe04c32cbf4aa22922857e7c
925039ddd3ca461bf74a8f1bd136a9e02790f0d7ceb780279414c497a3d37786
9842eaa00bc0de7d8e8bba82851ef94b975f64e8ba89b368a030f36695d2bb1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4ff6515e68a1e40f11c1aaceeb63168d59e75c13bc9f33e59b53098cf66a9ae
a98774881b31a60a9ea0c65caafb8d81382af46219d4906820679a7e4f6ec70e
a9be938ee9edbcc8c62e7f1f495b9c56990a2772979a88b05c58e0bca8d07ee4
b1e81e5a3cabca062e849aa515ea317d36ebc9e6509d0fe60c2fc9f50ce8ecf0
bb13c1ae5a51325bfdf7c9e2e6165437d5003642e9439abe81c52cd9d3e1f610
bca7f9dc7f6589c46678a8f6207ed8c7b810bf98a85baf84a00e86b0f3c11d06
c2c0fb933e324a0e1185c7b0843c6a8ece6c260fbfaddcff5e4550aaeec9d6bf
ccca156dc91e989533b50688c460cd5969e817af988ac9a87a00a4fa778724ef
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be14d721e6e23b2d5ebb2e8c121653b01da1ed4573de5bc2bb258bfb407601
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec45badb70848e37c66ce362d86017a89247d694c14a27b3e8c695c44a96b6d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629