correiodoestado-br.portalms.info Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://correiodoestado-br.portalms.info/
Submission: On April 16 via api (April 16th 2024, 12:31:29 pm UTC) from US — Scanned from NL

Summary HTTP 80 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 24 domains to perform 80 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is correiodoestado-br.portalms.info.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.

This is the only time correiodoestado-br.portalms.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
18	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:1ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:ce0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.138.34.18 108.138.34.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:400:5:6af1:95c0:21	16509 (AMAZON-02) (AMAZON-02)
2	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
1 5	178.162.215.162 178.162.215.162	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	162.19.96.13 162.19.96.13	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	13.95.152.229 13.95.152.229	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	54.194.192.48 54.194.192.48	16509 (AMAZON-02) (AMAZON-02)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
80	32

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

correiodoestado-br.portalms.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

correiodoestado-br.portalms.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ce0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.horoscopovirtual.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.34.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-18.muc50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:400:5:6af1:95c0:21 (United States)

ASN16509 (AMAZON-02, US)

dtokw98w8oklz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)

demiseskill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.162.215.162 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)

vmuid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origunix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pupspu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.96.13 (Paris, France)

ASN16276 (OVH, FR)
PTR: haproxy04.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ab (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.192.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-192-48.eu-west-1.compute.amazonaws.com

ap-adserver.igaming-ap-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	portalms.info correiodoestado-br.portalms.info	56 KB
12	yandex.com 5 redirects mc.yandex.com — Cisco Umbrella Rank: 9597	8 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	104 KB
6	cloudfront.net d335luupugsy2.cloudfront.net dtokw98w8oklz.cloudfront.net	86 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	169 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4409	74 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	89 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	233 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 153972 osp-assets.pn.vg — Cisco Umbrella Rank: 208259	70 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 108352 popups.rdstation.com.br — Cisco Umbrella Rank: 89650	810 B
2	igaming-ap-service.io ap-adserver.igaming-ap-service.io — Cisco Umbrella Rank: 145961	234 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 10632	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3076 www.google.com — Cisco Umbrella Rank: 2	328 B
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7336	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
2	pupspu.com pupspu.com — Cisco Umbrella Rank: 34141	59 KB
2	vmuid.com vmuid.com — Cisco Umbrella Rank: 861741	11 KB
2	demiseskill.com demiseskill.com — Cisco Umbrella Rank: 857837
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 376 fonts.googleapis.com — Cisco Umbrella Rank: 35	9 KB
1	smrk.io p.smrk.io — Cisco Umbrella Rank: 222873	612 B
1	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9367	41 KB
1	origunix.com 1 redirects origunix.com — Cisco Umbrella Rank: 835724	364 B
1	horoscopovirtual.com.br widget.horoscopovirtual.com.br	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 2867	62 KB
80	24

	Domain	Requested by
19	correiodoestado-br.portalms.info	correiodoestado-br.portalms.info
12	mc.yandex.com	5 redirects correiodoestado-br.portalms.info mc.yandex.ru
5	d335luupugsy2.cloudfront.net	correiodoestado-br.portalms.info d335luupugsy2.cloudfront.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net dtokw98w8oklz.cloudfront.net
3	mc.yandex.ru	1 redirects correiodoestado-br.portalms.info
3	connect.facebook.net	correiodoestado-br.portalms.info connect.facebook.net
3	www.googletagmanager.com	correiodoestado-br.portalms.info www.googleoptimize.com
3	securepubads.g.doubleclick.net	correiodoestado-br.portalms.info securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ap-adserver.igaming-ap-service.io	dtokw98w8oklz.cloudfront.net
2	www.google.nl	correiodoestado-br.portalms.info
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	events.newsroom.bi	sdk.mrf.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pupspu.com	correiodoestado-br.portalms.info origunix.com
2	vmuid.com	correiodoestado-br.portalms.info vmuid.com
2	demiseskill.com	correiodoestado-br.portalms.info
2	cdn.pn.vg	correiodoestado-br.portalms.info cdn.pn.vg
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	p.smrk.io	cdn.pn.vg
1	www.google.com	correiodoestado-br.portalms.info
1	region1.analytics.google.com	www.googletagmanager.com
1	osp-assets.pn.vg	cdn.pn.vg
1	d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sdk.mrf.io	correiodoestado-br.portalms.info
1	origunix.com	1 redirects
1	dtokw98w8oklz.cloudfront.net	correiodoestado-br.portalms.info
1	widget.horoscopovirtual.com.br	correiodoestado-br.portalms.info
1	www.googleoptimize.com	correiodoestado-br.portalms.info
1	fonts.googleapis.com	correiodoestado-br.portalms.info
1	ajax.googleapis.com	correiodoestado-br.portalms.info
80	32

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
materiais.correiodoestado-br.portalms.info
cartaomasterclin.com.br
_holos
wa.me
ajor.org.br
goo.gl
www.dothcom.net
www.dothnews.com.br

Subject Issuer	Validity	Valid
portalms.info GTS CA 1P5	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
pn.vg GTS CA 1P5	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-24` - `2024-04-23`	3 months	crt.sh
horoscopovirtual.com.br GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
demiseskill.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
vmuid.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
sdk.mrf.io E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
smrk.io R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
pupspu.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.igaming-ap-service.io Sectigo RSA Domain Validation Secure Server CA	`2024-03-07` - `2025-03-21`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-08-31` - `2024-06-04`	9 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
popups.rdstation.com.br R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://correiodoestado-br.portalms.info/
Frame ID: 2E6C64852F307125B38F65F4CEDC8BA8
Requests: 77 HTTP requests in this frame

Frame: https://d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2794FA576867CB6EBD406EC2E683750E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95EFDC32C58772A51BF3E2B355B29629
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Correio do Estado

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

93 %
HTTPS

58 %
IPv6

24
Domains

32
Subdomains

32
IPs

7
Countries

1092 kB
Transfer

3622 kB
Size

46
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/correioestado/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/correiodoestado

Search URL Search Domain Scan URL

URL: https://twitter.com/correio_estado

Search URL Search Domain Scan URL

URL: https://materiais.correiodoestado-br.portalms.info/funil-base-pagina-de-vendas/
Title: A S S I N E

Search URL Search Domain Scan URL

URL: https://cartaomasterclin.com.br/clientes/hotsite/correiodoestado
Title: Clube de Vantagens

Search URL Search Domain Scan URL

URL: https://_holos/
Title: ENTRAR

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Fcimi-critica-lula-por-propor-a-riedel-compra-de-fazenda-para-salvar%2F428982%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/cimi-critica-lula-por-propor-a-riedel-compra-de-fazenda-para-salvar/428982/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/cimi-critica-lula-por-propor-a-riedel-compra-de-fazenda-para-salvar/428982/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fnoticias-s%2Fsinais-de-alerta-na-economia-inflacao-e-taxa-de-juros%2F428978%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/noticias-s/sinais-de-alerta-na-economia-inflacao-e-taxa-de-juros/428978/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/noticias-s/sinais-de-alerta-na-economia-inflacao-e-taxa-de-juros/428978/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcorreio-b%2Fconfira-a-coluna-dialogo-na-integra-desta-terca-feira-16-de-abril-de%2F428977%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/correio-b/confira-a-coluna-dialogo-na-integra-desta-terca-feira-16-de-abril-de/428977/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/correio-b/confira-a-coluna-dialogo-na-integra-desta-terca-feira-16-de-abril-de/428977/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Fgoverno-contempla-mato-grosso-do-sul-com-2336-moradias-no-minha-casa%2F428954%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/governo-contempla-mato-grosso-do-sul-com-2336-moradias-no-minha-casa/428954/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/governo-contempla-mato-grosso-do-sul-com-2336-moradias-no-minha-casa/428954/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Fcom-recurso-de-r-800-mil-rotunda-ara-por-processo-de-estudo-para%2F428979%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/com-recurso-de-r-800-mil-rotunda-ara-por-processo-de-estudo-para/428979/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/com-recurso-de-r-800-mil-rotunda-ara-por-processo-de-estudo-para/428979/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://materiais.correiodoestado-br.portalms.info/newsletter-opcoes-editorias
Title: ESCOLHA SUA NEWSLETTER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Fcom-mais-de-116-mil-indigenas-em-mato-grosso-do-sul-ministerio-da%2F428970%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/com-mais-de-116-mil-indigenas-em-mato-grosso-do-sul-ministerio-da/428970/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/com-mais-de-116-mil-indigenas-em-mato-grosso-do-sul-ministerio-da/428970/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Fazul-anuncia-voos-diretos-para-assuncao-no-paraguai-a-partir-de%2F428974%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/azul-anuncia-voos-diretos-para-assuncao-no-paraguai-a-partir-de/428974/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/azul-anuncia-voos-diretos-para-assuncao-no-paraguai-a-partir-de/428974/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Ftribunal-derruba-liminar-que-suspendeu-conselheiro-da-petrobras%2F428973%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/tribunal-derruba-liminar-que-suspendeu-conselheiro-da-petrobras/428973/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/tribunal-derruba-liminar-que-suspendeu-conselheiro-da-petrobras/428973/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fcidades%2Ftjms-lanca-programa-restitua-para-que-cidadaos-recuperem-r-314%2F428968%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/cidades/tjms-lanca-programa-restitua-para-que-cidadaos-recuperem-r-314/428968/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/cidades/tjms-lanca-programa-restitua-para-que-cidadaos-recuperem-r-314/428968/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fopiniao%2Fe-o-predominio-do-capitalismo-que-gera-um-cenario-mundial-de%2F428980%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/opiniao/e-o-predominio-do-capitalismo-que-gera-um-cenario-mundial-de/428980/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/opiniao/e-o-predominio-do-capitalismo-que-gera-um-cenario-mundial-de/428980/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fopiniao%2Fisonomia-tributaria-ja%2F428940%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/opiniao/isonomia-tributaria-ja/428940/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/opiniao/isonomia-tributaria-ja/428940/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fpolitica%2Fjaime-verruck-filia-se-ao-psd-e-se-torna-opcao-como-pre-candidato-a%2F428941%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/politica/jaime-verruck-filia-se-ao-psd-e-se-torna-opcao-como-pre-candidato-a/428941/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/politica/jaime-verruck-filia-se-ao-psd-e-se-torna-opcao-como-pre-candidato-a/428941/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fpolitica%2Fnao-importa-direita-esquerda-e-sim-resultado-diz-presidente-da%2F428845%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/politica/nao-importa-direita-esquerda-e-sim-resultado-diz-presidente-da/428845/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/politica/nao-importa-direita-esquerda-e-sim-resultado-diz-presidente-da/428845/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fpolitica%2Fnos-vamos-chegar-la-diz-presidente-da-oab-nacional-ao-ouvir%2F428860%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/politica/nos-vamos-chegar-la-diz-presidente-da-oab-nacional-ao-ouvir/428860/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/politica/nos-vamos-chegar-la-diz-presidente-da-oab-nacional-ao-ouvir/428860/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fpolitica%2Fem-visita-de-lula-rose-diz-que-pretende-ser-a-primeira-mulher-eleita%2F428842%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/politica/em-visita-de-lula-rose-diz-que-pretende-ser-a-primeira-mulher-eleita/428842/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/politica/em-visita-de-lula-rose-diz-que-pretende-ser-a-primeira-mulher-eleita/428842/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2Fpolitica%2Flula-vem-a-capital-para-conhecer-o-processo-da-carne-desde-o-controle%2F428808%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=/politica/lula-vem-a-capital-para-conhecer-o-processo-da-carne-desde-o-controle/428808/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20/politica/lula-vem-a-capital-para-conhecer-o-processo-da-carne-desde-o-controle/428808/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://ajor.org.br/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/Sr9LV6mVVW8xhRww5
Title: Av. Calógeras, 356, Centro

Search URL Search Domain Scan URL

URL: https://wa.me/5567999226705
Title: (67) 9.9922-6705

Search URL Search Domain Scan URL

URL: http://www.dothcom.net/?utm_source=correiodoestado-br.portalms.info
Title: dothCom

Search URL Search Domain Scan URL

URL: https://www.dothnews.com.br/?utm_source=correiodoestado-br.portalms.info
Title: DOTHNEWS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10341.noFpxSzv_qG0jL6G2E0u5BkRJpArllrqbsVdUMHyje7RM6KkBhXsaAjmkPazzgmD.kZ9rOYFAoeQAQdfDrcQzHr7NbZE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10341.nSgroFh-iFzEpUhye_NUtaltCrKELIjIDYXOld_WxAd-Lgbq2lB6Btvi-DgWbRY6QBKvhcddos4qI5snhVpo1dugGaraCe_tbXjhcQ9C8Iyn3DDpV37ZAdKxImP7H0LbKzwvKRPMS0kNmK4LJvu_6Ib1_wH59k0ApQnFFIkoika-LceDasqY5bp4XSd3yivyzyv_d-ujnU98C_UrdF1sJIs7N2Gi2FXmICT2X9mjCDI%2C.yCtggloldZ6xFzHhd74TmhpsTfw%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10341.spo-7A0LFY6Ut1NEaHVplmOhG63HggTeXEz98-xYSoZHWMJeEZLJd9LF1VGO4DlD7dcWyX228S03JjWoyQxChyQGCG1WP8s3km5Sd79Pc4PP_5aK5MH2sYahrhyX0eajHvbpB_Q2V8caUTBGhq_bsIHkn4p6hNqRsgt2plxY8SisLs2y98X3bblwjoUSbP5yksDXoPpF4V3TzInDnu9W3Q%2C%2C.rxt5pouD9fKO6P7f-dnIljqmR9c%2C

Request Chain 66

https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A128626462210%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A288993683%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037572)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A128626462210%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A288993683%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 67

https://mc.yandex.com/watch/92138111?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A3%3Adp%3A0%3Als%3A1254408244700%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A752317443%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92138111/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A3%3Adp%3A0%3Als%3A1254408244700%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A752317443%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 68

https://mc.yandex.com/watch/92137780?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A172882207511%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A652211235%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92137780/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A172882207511%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A652211235%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
correiodoestado-br.portalms.info/ 141 KB
20 KB 467ms
394ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6f31313dd4e8fc17d7471400e287fb5bee43df258bd72fc783417dfeedfac1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 875430fdc8d70e2e-AMS
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 16 Apr 2024 12:31:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGsLNz3elL1aHupmOpMzAwL9GadYpxLt%2BbSeYCurSkjeLEY7jLH7rlx3RBTGxeP4UkZhetz%2Bio7dM%2FvbEFes4j8TuYUBAcvLimFFm6ereHCHjDwBAxrSEDIa5U%2FcIB3UhnPovsxxySbgHRbgILttrJpYXjHrK5VI0Qbimv4nOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 133ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7519f6cef5a384d99007dc2b3f2c3966c0d3e8898e354af61c0a299ca2b5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29378
x-xss-protection: 0
server: cafe
etag: 872 / 19829 / m202404090101 / config-hash: 12983506950477179580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Apr 2024 12:31:16 GMT

GET
H3 200 normalize.css
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/ 3 KB
2 KB 1322ms
1320ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/normalize.css
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4429ba9c0d14b2d807827b11779236ba441402eb4fef023634ad2baee7e8d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYZZAZWrGWO2UUOMR7uYC6%2FP6rKIU2U1eHFX07pCVBiSX1KU2srHOq1koHWC%2BDwlqjErNJbn1LE5lc5UC5rTBgxNMhLvT9p8bhYhuRTHTcHDX6v9PN6DTkJqkOJs9Lr18t%2BzInRaQgXNyepsffYbECUKGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfd76609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 webflow.css
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/ 3 KB
2 KB 647ms
645ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/webflow.css
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56796c0217162c07a834852e4bc032236bee30a4f43bcd3c147f41caf2b7b408

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5gfGtCFpwsSuEMFn76ozxUEdgCLBqsse0HW22kcQr%2FKClRoYxArBHmb76s2zVZsA69Hyo9S5jXRj8ZNKlciS71i9CxKWTEkG1ELwwh5qcNnQTyJmC%2BJDvsGTkc39%2FSUUWrFUAf31gCWBu0F4CaURGiFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfdb6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 tema.css
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/ 3 KB
2 KB 374ms
372ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/tema.css
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51865bf953be915e619cb57237bdbfe58efb531bbab4047366fdd72e2c2d3b5c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:16 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvZDD4d3KKCOicXPnwHx1FSbyVre4x7%2FQLjnarSm02TNAfxzrX2Bx0iBB%2Fl1N65%2BRI1hcu3HDm0Hsaw5OXkNWiFSbBIrrfYM8T3082FhIDV8mKxK5aVn6IgL8B7dJgTHih4Jg0r02zu3foIHA9jL1Ts87Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfdd6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 correioestado_v058.css
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/ 3 KB
2 KB 91ms
89ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css/correioestado_v058.css
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7033a203807854b19982aaaefc60e7cc4433b86bd597979030fe6957259346

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:16 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNWoOXMiwL9jLcH6IwHEMdqKH2otqgjvA5oZWz0Zg0ou%2BRcs5Hbp97mUg6cSBQfXz1UpTki%2FORJgeHTxXgj0jLt3zNzLV%2FCKPn7W%2BjqV6V9Ejj6uePAkVHbHaCRz33Sj3ljIIIGnCDdnFrxIxj4NfszLrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfde6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.cookieBar.min.css
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-cookiebar/ 3 KB
2 KB 78ms
76ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-cookiebar/jquery.cookieBar.min.css?v=058
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae4a5f5633accf1f4e011b372206e30c57fd5cc047d7c88a03237f460521269e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:16 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9D9DEUMDb%2BXE96%2F%2Bk6UJ5S99PZa4Ht4n6Qhe2QSDuKUmve6lR6k0dCaUGDVJjTBbD0%2BQYUUX%2Bct5RZ94E9AfyFfoIo1ZeXcrsSMOMu8v6syfIIK4gKAwCPM5iaxT0tS54sPPHg%2B78YI5pvZDZo7ElYg%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfdf6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 90ms
23ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 12:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Apr 2025 12:02:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 87 KB
3 KB 528ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11076dd4a86d587f214ac5bb2fe78147db864e0087056274c0d34d7a2f1ffb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Apr 2024 12:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 12:31:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Apr 2024 12:31:17 GMT

GET
H3 200 jquery-1.6.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/ 3 KB
2 KB 1853ms
1852ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-1.6.min.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06bb75dce5bc8efb4fa5134037197afc0acd54d5678a11cf1c0e35e1f8e506ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jt4Ge6RaZ0WRuZjwT6tP%2BfxSDTsSV9JGApdZUkiow%2F2G7kyZVz2KKm%2FrN1cRQXH2rCSdsUFAplZSYxArMbHoJYIWr%2FJziRIWLWug57IRXQOkzUBrIxcF%2FYp3Ucn%2Fk2IT0Ixruhe5tx08OoN9KpkjunWZHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfe16609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 169 KB
62 KB 536ms
49ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91eb4084c0447379479a0e425d8b655becbcedc75313977b13470414a74bb50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62775
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 12:31:17 GMT

GET
H2 200 1efd6be9-5844-49c6-9d00-aa480c239998.js Show response
cdn.pn.vg/sites/ 3 KB
2 KB 109ms
37ms Script
text/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/1efd6be9-5844-49c6-9d00-aa480c239998.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b810879d926326f14210569df5b98b6db32adffed2d7d8fd326c572687337d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
via: 1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
age: 2217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 24 Jan 2024 21:40:07 GMT
server: cloudflare
etag: W/"24b6cdd0f25047c12279cfeba106d10d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBML8yuod1H8QiCMfFdHi75AUgKE3IxJWqKBIj5MOKBAuTHsC0SnW6n%2BLCRwkxhpY4rAJsKwoujZvl2qtB2k6GgCNJc8em5mexbZWn0pvr2xuI2HpVBMkMrJ5%2FOcwgHeR3FI6xAJkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8754310cdc1f668d-AMS
x-amz-cf-id: hUrZsn203ymeYXtANMf76v6Z5vqSZQ83f-exoD7d8eRV0BTcwx6IUA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 119ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1420794-71

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c6ff8abedcaba150c45098f57b3643a749976b98d572e7f73d9ebbfe92d0a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69448
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 12:31:18 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 96ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01acc546042ca49013cf6c8f854ad565a27c53599379126ed71c63b60817fdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Origin: https://correiodoestado-br.portalms.info
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 12:31:18 GMT
content-md5: yfE1wM+T/ExuEObCUFBB6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: 7XOUG3/SJ9OJwsF07l2vRczocGQw652XUlLUDvjILZ4ipOM6Na0uSasz9KFIAT8VPCIhFN/LQH32878u7erWrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f84808247d425da08109006981a1439c
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "9bfc018ada8cf2f40d0ee48f4496c51d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 16 Apr 2024 12:35:23 GMT

GET
H2 200 horoscopo.js Show response
widget.horoscopovirtual.com.br/js/ 1 KB
1 KB 276ms
36ms Script
application/javascript 2606:4700:20::681a:ce0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.horoscopovirtual.com.br/js/horoscopo.js?background=ffffff&color=134282&border=ffffff&text=134282&font=opensans
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ce0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2214
cf-polished: origSize=1374
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 16:27:53 GMT
server: cloudflare
etag: W/"654a6589-55e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2Fzn2c6ZHa4nTsAL%2FeddQI%2BX6KYCYTff37mipBVfcXj%2BhxA%2Bs7ViuxjboJ8nQQlYUKczAKIPK0bcnq6M%2F7NLU%2FUOzt308SqH2dUq%2FUrCPi0nqNvT1qHw6VjbSYYOvq8XQY%2F6KjdpToQOlSE%2FdaMT3H8IcJs6B5s9NnbzZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8754310dfc060e40-AMS
expires: Wed, 16 Apr 2025 11:54:24 GMT

GET
H3 200 icone-clima.png
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/climatempo/ 3 KB
3 KB 2206ms
2206ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/climatempo/icone-clima.png
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:18 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlNoapwcUPOus7IjttaWpVt%2F%2BIObWZ6V3bZ26UmAUZ6URVhWQoHhq%2Faoy35NNLNiNFFo73RO%2FJvupoQsVg%2B9GFVvK7INWeyX%2Bhcqi%2F9TBfGH8dpP7LsAH5CvOFku%2Bi645uCDKkfaaoRIrdD0%2Fxa1K7lILw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfe26609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 selo-ajor.png
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/ 3 KB
3 KB 2551ms
2550ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/selo-ajor.png
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQhr7O0fqy1iLXvx2N2FLhqkkjHo7FJtm7kimqrTjfb9Nuc10tYjdYvD0p8RiQ3DGHznOYkXjFYGnUfYCV9FllktM%2B4Bp3MUC5XJXta71f3ogvOu3i1h3J3JVE%2FREXe%2Fkl3AgQqdvSuPvc2cNv%2BYiabnUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87543100cfe76609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 email-decode.min.js Show response
correiodoestado-br.portalms.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
27ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://correiodoestado-br.portalms.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZC%2Boh1frYPWzYtzLxMjgyp%2FeddLWKSEfQA4fD8UQ%2BE%2BSYXqlENALREu2WHZDc%2FhAFuQT8hl8vS%2FXmjKZMh8fL3DAYvsf0nWX5juBW4lrcUXiJ0QOrlCj2V2rZ7epywgG02FRjgbrqyptCxUrjT5ZmBD%2BiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8754310c6bb36609-AMS
expires: Thu, 18 Apr 2024 12:31:18 GMT

GET
H3 200 jquery-migrate-1.4.1.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/ 3 KB
2 KB 2594ms
2592ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-migrate-1.4.1.min.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95aa8181a6c6d929de99629094580940392b00bf938db043de55b08462b402f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BU0Fi506%2FnvW2YiR2YwjHdJhFHTF1ign8HMYQYqsW1%2FVg0R2oIesFNDtbQKaTdF9StIm%2FkaZufVJQhlaYeGMgpsmiOtV92zk7zNYVILKVz4rGfAKWhDT9kkmt6p2ROxKx7a4HapbkIeKZPewcem1NY1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bb46609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/ 3 KB
2 KB 1192ms
1189ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-3.5.1.min.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4ee2ca9233b4df324cb6903ef4af5c6a2231811fc219a6824ad9b46d5be7d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UX15lsWi%2FHaRN9yJv7HjbwiQxvMwaKb8spVNmql6BiubDQYQkQRmKVP%2BzPR2IN03ovQw24I7R92Lr5H%2FDfZKrxboLIE5aeRrEdj%2BMZoJ03DbTaIUAd1oz6EIOMBto4rVm8gu8YSn1QQfO%2FVIWMr8sS647w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bb86609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 webflow_v058.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/ 3 KB
2 KB 2053ms
2049ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/webflow_v058.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e5a75a4a77d904783cd18caf626b918bc19e8e2b3b29b6c829f9ee1e815ff6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:20 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQxyY1CTosReogjQ7sJSdg7JXZTSPzlepJeAfNEc8IbeYmBMkjMH8UX7rMZWI4Swy83srBRoN3Xkn8RoKrz%2FcNmexvC8%2FNcrKrxe4AkXaFh56sMRAYMZyG47BZIu1Z8Fpl%2BzB23Rd4OQqKqlRQ%2Fbm6d7VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bba6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.validate.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-validate-1.19.5/ 3 KB
2 KB 938ms
935ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-validate-1.19.5/jquery.validate.min.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59fcb68ad27e8b36d98954b1a65c6890149f2190ead255cd65b3b76c8be09f9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJzGCI%2FElOroVIHTl8BIOwpcq20sI97sq4aQBeX46GWySEna8uyvltJevp%2Bqbnh8IHExS%2Fiy9PX9TLb6%2Bag8UasQVle9g4OcPLF9189z6eIgtSOZKcmJ8ezAPeIMug3TfSOg6iLPXhA19x0P31lXl4H6%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bbe6609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 messages_pt_BR.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-validate-1.19.5/ 3 KB
2 KB 552ms
549ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-validate-1.19.5/messages_pt_BR.min.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ede75cc0c3091f1ce830cc4afcdbcf143b3b67bdc478370a80c133021c14dcd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ta6eYhhY8K8JpZ%2BgGf%2BP32EPbpZJnZ98TNqrK%2B3xWqbnITjlyX7%2FVQhK%2F3OBxHZ%2BvCxrs3LGVYbRWWDo2b98IeysmKCxlURGNt%2Bz4XS44hZYdgIdj%2BSM3xKlCjDmxuV%2BRKGa3ax4Kbudc7UM9deYu%2BObMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bc06609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 scripts_v058.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/ 3 KB
2 KB 1457ms
1454ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/scripts_v058.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd16fd609cc6b7c841cb941e2defe6bb606487df105d580df2fd8f5f34d6a4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cX0YyyIubzC7SiHjOMbsHj%2FxCIlKXSJNMgRXBsGctZ9Szm5nsO95swbG2WwO0TX7Aie%2FT78mJvS34YTy2A1vuivLSoq53RNbu6q98YeGorvAZgEGG9C0GYpuguyUaOrT8Fbu0bgNyci1H6goTTMuNtI8pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bc16609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.cookieBar.min.js Show response
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-cookiebar/ 3 KB
2 KB 293ms
290ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-cookiebar/jquery.cookieBar.min.js?v=058
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49892aebff452c1f1a5c9011bf16693e92c867eee324176c6955477391a338a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzq%2BleFyPnNgvhWu9h0zADVKZ6xWsbMS7XDhm1iNTmli7B5GSJ3kfETtQTVsgJmJ95Vbz9VDQv2PUebzgAU4pAJjyg3yFXqeNKHKDcquR11Ud3Hsu2MGbQYBew2OxhiXvzxuEPxFfJLDx7dvi%2BgvA0dLbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754310c6bc46609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 07312727-7430-4b77-95d5-8569abc18736-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 1119ms
880ms Script
application/javascript 108.138.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-18.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6a2d909697b17e2775fc77237ba4526e00320eec078b7ab7212772c44558c1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Gsr5lRtg3R0ZBUm0KWYKW5BpQXxsB7hx
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 12:31:20 GMT
last-modified: Tue, 06 Feb 2024 02:04:21 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
etag: W/"bc704d45a5168d0ec0705378172c488b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: 7jglr-LVHMdl2vYb141krlCtt2gaqCVDz0fNFro5Qh5pzHcDK3hK1g==

GET
H2 200 build.js Show response
dtokw98w8oklz.cloudfront.net/ 83 KB
21 KB 276ms
37ms Script
application/javascript 2600:9000:237d:400:5:6af1:95c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dtokw98w8oklz.cloudfront.net/build.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:400:5:6af1:95c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba7ad12f00c8e2a5b68758e5107d7e209f807d8c5a480fde2249d964c2007210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 05:40:05 GMT
content-encoding: gzip
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P2
age: 30361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 29 Mar 2024 11:26:02 GMT
server: AmazonS3
etag: W/"714b2aa4fadfe63d967210e912938d29"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
link: <https://ap-adserver.igaming-ap-service.io>; rel="dns-prefetch"; rel="preconnect"
x-amz-cf-id: NLKi8psekrnh_JLyhSYHE3vKvDtv4FTZg4RS7f94DWwXNGlLnEyywA==

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ 0
0 342ms
104ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 12:31:18 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ 0
0 341ms
103ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 12:31:18 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ 10 KB
10 KB 271ms
35ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 12:31:18 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

58 KB
59 KB

180ms
68ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7be0b531f03d2659da4e1596c7cb6401b93ffc98e7457fbc0a8eac8edaa90852

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Tue, 16 Apr 2024 12:31:18 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59851

Redirect headers

Date: Tue, 16 Apr 2024 12:31:18 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/ 445 KB
139 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af1756f799fa1cf1e916300956ffdf5702fa3c5abc2c420d12fbe249b2362bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 10:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8463
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142404
x-xss-protection: 0
server: cafe
etag: 14799552697149998396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 16 Apr 2025 10:10:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
96 B 192ms
85ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=correiodoestado-br.portalms.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

15cdc035024cefd16ecaadcae9187490377e62d89065d17123e2b198d1153aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Tue, 16 Apr 2024 12:31:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
0 1ms
1ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01acc546042ca49013cf6c8f854ad565a27c53599379126ed71c63b60817fdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yfE1wM+T/ExuEObCUFBB6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: 7XOUG3/SJ9OJwsF07l2vRczocGQw652XUlLUDvjILZ4ipOM6Na0uSasz9KFIAT8VPCIhFN/LQH32878u7erWrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f84808247d425da08109006981a1439c
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "9bfc018ada8cf2f40d0ee48f4496c51d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 16 Apr 2024 12:35:23 GMT

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 150 KB
41 KB 228ms
158ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0d426eac4cb3a4cfe939ed1128f54e5164459ae5e77328f8fc6bf0348995f6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Origin: https://correiodoestado-br.portalms.info
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 21ms
date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 12:31:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 28
accept-ranges: bytes
cf-ray: 8754310cdfbd9fd2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 41518

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 113ms
98ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1420794-71&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a853a4fc2ea314d74e38905da9512f01dbd66a403a4bff873cbf6046692d556d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69483
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 12:31:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
97 KB 136ms
122ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25b21355061cd35c509f89196bed922e5a3e0e323c63e526c54669f074f97b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 12:31:18 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 298 KB
86 KB 34ms
19ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=b5945c7bbfef8b201ce3753c4b7b21b5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3ba1f549e6f3a461cea067f707112fb9bd74501906be2d3c1962764e884f23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Origin: https://correiodoestado-br.portalms.info
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 12:31:18 GMT
content-md5: CbbWWoqaB3T9uuNIXqJh3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87288
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=20, mss=1294, tbw=6416, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: URT9H1es+5eKj/RYvTN23AENKtmF/2XswDrT/ITI5P5cnmHIB20EOtp92CWACmm7pUqEk+Qe67795GmDGfpgVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c885082e8a7f931e5b3232e81981c4bd
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "3456f915a77a18a5b4537cf95156d7f3"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 16 Apr 2025 10:42:43 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 256 KB
67 KB 54ms
0ms Script
application/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/1efd6be9-5844-49c6-9d00-aa480c239998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2e922dcc0c2ad8824c4788b40a4b8f230d1a266f23f27c44484ccadd0ff660

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
via: 1.1 3a5e4105e7e14b13dcdcd3f0d9062fa0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
age: 251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 26 Mar 2024 19:11:58 GMT
server: cloudflare
etag: W/"efc23dd4c8a960980299ff1bfe1ab64c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONd4oT9Eu7949zq3%2BohyOHLAk%2BlY223eAWUOhPAWG6wSMFE21twRSkUz3u2rExpuwgewgcUvy4Fqao%2BA%2BmkcMenpY4%2BqgOseirea2K3FnxJ0pj5VVHsYMqzWgsZgZvMuupFGULVmPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8754310d5cc7668d-AMS
x-amz-cf-id: rHWhKgBwcwSNjiXQiSO-axi3GTIys8zwhqOqFLf8cDwLd9acnVan8g==

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 288 KB
36 KB 270ms
118ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3417044867064617&correlator=4265215284932694&eid=44809527%2C31079525&output=ldjh&gdfp_req=1&vrg=202404090101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=80777562%2Cnovo-layout-banner-regua-topo-970x250-970x90-300x250%2CCapa_Topo_Lateral_300x250%2Cnovo-layout-banner-regua-cidades-970x250-970x90-300x250%2CCapa_Editoria_Cidades_970x90_970x250%2CBanner-area-de-Enquete%2Ccapa-editoria-politica%2Ccapa-rodape-cotacoes%2CCapa_Popup_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=970x250%2C300x250%2C970x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1713270678686&lmt=1713270678&adxs=8%2C8%2C8%2C8%2C8%2C8%2C8%2C-9&adys=15108%2C25939%2C28713%2C36235%2C47238%2C52671%2C78187%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&vis=1&psz=1584x90%7C1584x250%7C1584x90%7C1584x250%7C1584x250%7C1584x250%7C1584x250%7C0x-1&msz=1584x90%7C1584x250%7C1584x90%7C1584x250%7C1584x250%7C1584x250%7C1584x250%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1099716886.1713270679&ga_sid=1713270679&ga_hid=829431795&ga_fc=false&dlt=1713270676594&idt=2021&prev_scp=refresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent&adks=4068051353%2C594300009%2C834477008%2C425584047%2C1352343397%2C839444603%2C2066448455%2C908174677&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

a25ac40a1b2d3aaf78faed36f6480b8530cdcd042d92863493b5a5da51f539c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36697
x-xss-protection: 0
google-lineitem-id: 6410731801,6704170792,6494172694,6494172694,6217517741,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138453796159,138471670091,138461739360,138461863247,138447793733,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2794 0
0 252ms
74ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 12:31:19 GMT
expires: Wed, 16 Apr 2025 12:31:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 196ms
51ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1420794-71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 11:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3157
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Apr 2024 13:38:42 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 126 B
872 B 148ms
52ms XHR
application/json 162.19.96.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.13 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: haproxy04.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Apr 2024 12:31:19 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://correiodoestado-br.portalms.info
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 86

GET
H2 200 1efd6be9-5844-49c6-9d00-aa480c239998.json Show response
osp-assets.pn.vg/ 784 B
1 KB 422ms
279ms Fetch
application/json 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/1efd6be9-5844-49c6-9d00-aa480c239998.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a83935554c811295bf724df7c5737750750bd0c5819a548366ceebf2287976b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:19 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8SZSQH0RMP3ZZM1R
x-amz-id-2: M01qmgs/ZcL0nD6Sw90N126f8s30VjHbwU4NAsAYHIQiwXJJ9Emj93F7bJozUiZDEI0PC/S/ZRE=
last-modified: Mon, 24 Jan 2022 13:57:53 GMT
server: cloudflare
etag: W/"772a1deaffaa22b8a1c8b6e8d13f0e9d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1trctzWSrT3p2U%2BFXAkrWAWXPNWSykJkiBWKTYt%2FUxBpKnUNXoGBFXr0yPppbJZHi0dMlNON0LWgoFpjxr1Lq427KzPfL8eNGDFx93colpc5Z%2BVwCAQiipcVEvrp96%2FI%2FFTt%2FRXxApzV8n327Ts%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 87543111fb340ead-AMS

POST
H2 204 collect
region1.analytics.google.com/g/ 0
265 B 108ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BXGB68T2MJ&gtm=45je44f0v891373032za200&_p=1713270678458&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1099716886.1713270679&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713270679&sct=1&seg=0&dl=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&dt=Correio%20do%20Estado&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3221
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
265 B 127ms
32ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BXGB68T2MJ&cid=1099716886.1713270679&gtm=45je44f0v891373032za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 155ms
51ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BXGB68T2MJ&cid=1099716886.1713270679&gtm=45je44f0v891373032za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1737687888

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
218 B 36ms
36ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829431795&t=pageview&_s=1&dl=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&ul=nl-nl&de=UTF-8&dt=Correio%20do%20Estado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=988069469&gjid=1025884764&cid=1099716886.1713270679&tid=UA-1420794-71&_gid=592707010.1713270679&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1114772900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1420794-71&cid=1099716886.1713270679&jid=988069469&gjid=1025884764&_gid=592707010.1713270679&npa=1&_u=YADAAUAAAAAAACAAI~&z=2070543864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Apr 2024 12:31:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 130ms
64ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1420794-71&cid=1099716886.1713270679&jid=988069469&npa=1&_u=YADAAUAAAAAAACAAI~&z=235459472

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1420794-71&cid=1099716886.1713270679&jid=988069469&npa=1&_u=YADAAUAAAAAAACAAI~&z=235459472

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 491 B
612 B 95ms
38ms Fetch
application/json 13.95.152.229
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9469142f9b726a62d062bfb5d3358f6d43a307b048caab3683deba4bca45681c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 12:31:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
73 KB 313ms
130ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Tue, 16 Apr 2024 13:31:21 GMT

POST
H3 200 user.php Show response
correiodoestado-br.portalms.info/ 0
432 B 108ms
107ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/user.php
Requested by: Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://correiodoestado-br.portalms.info/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E77b78Xq%2BLj12qewV%2FkNLXXEPIIbAvKxwbh5QxNypb1OK5abmt6SRvRAeQdZguCB%2FD2l%2BdRe%2Fg3wHNHTurdlgDigL0hoIIragF9rkQtZxd8Nm2Wof6OHtfcjTih%2Bp%2FV08KBgK6Z4THtzaUbTeaQa%2B4fd%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8754311d2a8c6609-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 41ms
40ms Script
application/javascript 108.138.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-18.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 04:34:27 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 31473
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bnptKb9zzdk8J-9sM40toSM95dT-D8m0m0Z_oJFZ1wmKczv5P1BteA==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 42ms
41ms Script
application/javascript 108.138.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-18.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 12:20:51 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 18159
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: nQlY9NICAcZngsk8cMeKNSZOEvDmRE0yjcEbHFtE8kr9I6LfRYttRw==

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ 65 B
712 B 25ms
25ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: ad78ce0412a1349add2fc3ef4e008f31ddff4376b83c21cd591891164f35eac7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9j0DnLnxjCtXxnJk
Accept: application/json
Referer: https://correiodoestado-br.portalms.info/
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 12:31:21 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://correiodoestado-br.portalms.info
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ 2 B
391 B 39ms
39ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLJTN0VOBLV7QsIDN

Response headers

Date: Tue, 16 Apr 2024 12:31:21 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 74ms
72ms Fetch
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test=bc

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

5efc006946644fd78bd9b35d4007665d56f794642ca10dabf48a6ed89517c346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50730
x-xss-protection: 0
server: cafe
etag: 16916659160975840738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 16 Apr 2024 12:31:21 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
0 1ms
0ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test=bc

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

5efc006946644fd78bd9b35d4007665d56f794642ca10dabf48a6ed89517c346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50730
x-xss-protection: 0
server: cafe
etag: 16916659160975840738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 16 Apr 2024 12:31:21 GMT

POST
H2 400 ads Show response
ap-adserver.igaming-ap-service.io/ 101 B
234 B 37ms
36ms Fetch
application/json 54.194.192.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap-adserver.igaming-ap-service.io/ads
Requested by: Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.192.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-192-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2a419228a8fe596be6dd30d48ad714cefed3d74ad2dcf5c2b58445abb9a74fd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 16 Apr 2024 12:31:21 GMT
server: nginx/1.22.1
content-length: 101
vary: Origin
content-type: application/json; charset=utf-8

OPTIONS
H2 200 ads
ap-adserver.igaming-ap-service.io/ Frame 0
0 320ms
39ms Preflight 54.194.192.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ap-adserver.igaming-ap-service.io/ads

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.192.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-192-48.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://correiodoestado-br.portalms.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 16 Apr 2024 12:31:21 GMT
server: nginx/1.22.1
strict-transport-security: max-age=15768000
vary: Origin, Access-Control-Request-Headers

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10341.noFpxSzv_qG0jL6G2E0u5BkRJpArllrqbsVdUMHyje7RM6KkBhXsaAjmkPazzgmD.kZ9rOYFAoeQAQdfDrcQzHr7NbZE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10341.nSgroFh-iFzEpUhye_NUtaltCrKELIjIDYXOld_WxAd-Lgbq2lB6Btvi-DgWbRY6QBKvhcddos4qI5snhVpo1dugGaraCe_tbXjhcQ9C8Iyn3DDpV37ZAdKxImP7H0LbKzwvKRPMS0...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10341.spo-7A0LFY6Ut1NEaHVplmOhG63HggTeXEz98-xYSoZHWMJeEZLJd9LF1VGO4DlD7dcWyX228S03JjWoyQxChyQGCG1WP8s3km5Sd79Pc4PP_...

43 B
612 B

63ms
63ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10341.spo-7A0LFY6Ut1NEaHVplmOhG63HggTeXEz98-xYSoZHWMJeEZLJd9LF1VGO4DlD7dcWyX228S03JjWoyQxChyQGCG1WP8s3km5Sd79Pc4PP_5aK5MH2sYahrhyX0eajHvbpB_Q2V8caUTBGhq_bsIHkn4p6hNqRsgt2plxY8SisLs2y98X3bblwjoUSbP5yksDXoPpF4V3TzInDnu9W3Q%2C%2C.rxt5pouD9fKO6P7f-dnIljqmR9c%2C

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10341.spo-7A0LFY6Ut1NEaHVplmOhG63HggTeXEz98-xYSoZHWMJeEZLJd9LF1VGO4DlD7dcWyX228S03JjWoyQxChyQGCG1WP8s3km5Sd79Pc4PP_5aK5MH2sYahrhyX0eajHvbpB_Q2V8caUTBGhq_bsIHkn4p6hNqRsgt2plxY8SisLs2y98X3bblwjoUSbP5yksDXoPpF4V3TzInDnu9W3Q%2C%2C.rxt5pouD9fKO6P7f-dnIljqmR9c%2C
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
573 B 72ms
71ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: correiodoestado-br.portalms.info
URL: https://correiodoestado-br.portalms.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 16 Apr 2024 13:31:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
70ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

3445a62ddd8425678d90d61ff7a96ee0c0d8831a30cedd54e7ae30423c6eb53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0

POST
H2 400 send Show response
pageview-notify.rdstation.com.br/ 83 B
562 B 430ms
159ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

380fe081dad4ff67790de2d8cfc86808d4886078521048e3e2372c1b24d45185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 12:31:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://correiodoestado-br.portalms.info
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 83
x-xss-protection: 1; mode=block

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
780 B 30ms
30ms Ping
application/json 162.19.96.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.13 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: haproxy04.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Apr 2024 12:31:21 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://correiodoestado-br.portalms.info
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2

200

1 Show response
mc.yandex.com/watch/92306955/
Redirect Chain

https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%22...
https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%...

447 B
539 B

63ms
63ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A128626462210%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A288993683%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7de683f0cc2fd625d8b6741d13adde8f54b3316ffd14cf11ddcf47b869e8dcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A128626462210%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A288993683%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92138111/
Redirect Chain

https://mc.yandex.com/watch/92138111?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%22...
https://mc.yandex.com/watch/92138111/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%...

447 B
479 B

68ms
68ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92138111/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A3%3Adp%3A0%3Als%3A1254408244700%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A752317443%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3c13c55e9e0474d5b1e21b870fad5bbe8fcc935abf9aac365f5078aece5ee5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92138111/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A3%3Adp%3A0%3Als%3A1254408244700%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A752317443%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92137780/
Redirect Chain

https://mc.yandex.com/watch/92137780?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%22...
https://mc.yandex.com/watch/92137780/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%...

447 B
479 B

78ms
78ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92137780/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A172882207511%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A652211235%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3e27f634163e2d127f3f6d135f51541e4c1d2256cfbc367cb5449794f771e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:21 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92137780/1?wmode=7&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A172882207511%3Ahid%3A826037816%3Az%3A120%3Ai%3A20240416143121%3Aet%3A1713270682%3Ac%3A1%3Arn%3A652211235%3Arqn%3A1%3Au%3A1713270682327663738%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2502%3Awv%3A2%3Ads%3A0%2C49%2C394%2C6%2C0%2C0%2C%2C4685%2C8%2C%2C%2C%2C5159%3Aco%3A0%3Acpf%3A1%3Ans%3A1713270676040%3Agi%3AR0ExLjIuMTA5OTcxNjg4Ni4xNzEzMjcwNjc5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713270682%3At%3ACorreio%20do%20Estado&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:21 GMT

GET
H3 200 favicon.png
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/ 3 KB
4 KB 234ms
234ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f65b1f8ad1d78fa79ccea32b887b4a5f088ce17ebdc9c3156397c2fb71a86d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:22 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9fccOSNn1MBbinV103UtPxhkHbxnahd1UXn9yCgtCTtO3f4vnMPDDCjAANh49TtFkxkHNlP320KyUbVKqpi%2FkTUZP5z8OX7MuDUFdfCL%2BVx80Co2jNbFJNAwTikI6URFd1FIlQWnTKwkD%2BvMGKMkXILlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8754312198e06609-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 244ms
97ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 12:31:22 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 129ms
89ms Script
application/javascript 108.138.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-18.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: p5CvNmBR8Hi2L2KZd2nEga.lokO16FDg
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 04:34:30 GMT
last-modified: Mon, 29 Jan 2024 17:45:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 36076
x-amz-server-side-encryption: AES256
etag: "ebe3e4ed1116d2f30c297f590cf2bfc7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56869
x-amz-cf-id: P_9guTy2-YolSFA4h9Ewf3NMrL_I77-PuHZsn8oQrqT4_K6RIorGuQ==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 13 KB
5 KB 168ms
128ms Script
application/javascript 108.138.34.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-18.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 00:48:36 GMT
x-amz-cf-pop: MUC50-P2
age: 42762
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4699
last-modified: Wed, 29 Mar 2023 14:00:58 GMT
server: AmazonS3
etag: "1f7cabf79794bdf27abc546d74059ded"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
x-amz-cf-id: BNMr00298gnGF4BYFrJOrbSslsCCtLQOeYlOLcsPmQhb8d34p68IVw==

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95EF 0
0 153ms
44ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://correiodoestado-br.portalms.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 1989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 11:58:13 GMT
expires: Wed, 16 Apr 2025 11:58:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 500ms
115ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=241031&uniq=_2u9i801sd&ref=aHR0cHM6Ly9jb3JyZWlvZG9lc3RhZG8tYnIucG9ydGFsbXMuaW5mby8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=7776000
date: Tue, 16 Apr 2024 12:31:22 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 322ms
81ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=826037816&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&rn=223214800&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1713270685%3Aw%3A1600x1200%3Av%3A1310%3Az%3A120%3Ai%3A20240416143125%3Au%3A1713270682327663738%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Ast%3A1713270685&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:25 GMT
content-type: image/gif
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:25 GMT

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 67ms
66ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=826037816&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&rn=148307443&browser-info=we%3A1%3Aet%3A1713270686%3Aw%3A1600x1200%3Av%3A1310%3Az%3A120%3Ai%3A20240416143125%3Au%3A1713270682327663738%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Ast%3A1713270686&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:25 GMT
content-type: image/gif
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:25 GMT

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 70ms
69ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=2&wv-type=7&wmode=0&wv-hit=826037816&page-url=https%3A%2F%2Fcorreiodoestado-br.portalms.info%2F&rn=83225410&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1713270686%3Aw%3A1600x1200%3Av%3A1310%3Az%3A120%3Ai%3A20240416143126%3Au%3A1713270682327663738%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Ast%3A1713270686&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://correiodoestado-br.portalms.info/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 12:31:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Apr-2024 12:31:26 GMT
content-type: image/gif
access-control-allow-origin: https://correiodoestado-br.portalms.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Apr-2024 12:31:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404090101&jk=3417044867064617&bg=!QUKlQg3NAAbi8lI9wvI7ADQBe5WfON5orJ201xmxKmTVFlwPRv1hpxfztqxTrncetC5T1RGdn2oX18H4uId9ghqv-WLSAgAAA25SAAAAAWgBB34ANQE-Ux_5spTC-L8ES6Aap4XTWQBQ4EKoM4DKmzVAQhqhZTq1233sAH8EMK_Oy8ZybKZl9tDYmQK4VYMSjeezPPu448-df5h_gz2DAujYyULn04cFEk6G6W6hjJl3yGr7cO19FuP0nDGAo4-k05Nt06EJWtDBNHN2_dfqVJ-cXBnrD_khJCO1Bg1Eh4ooV5EMc322UHXg-cMQ7Z9V-o9AYwWnW2PS0lIeXBccQOnrLw0sFCKptI_viapmO8BkdXW2aHqFqZTdw341WmtiENRRtBA6MWbotrpVuFhnX09g_W2JUgAUeJFh8nIYd_pmdJVBwub9iJ8IqGff5om2QItfV111L8GQgIdhKwiiDk1JnKrTRIm0ojl2fE7DF5wIjHD9WJJPmRWE7Ggp11CNDmQJCkCzdTxkjd1oXsEtt6tWLcREJmQE8N8MKTU71QKG61W7KpjRcpJigAfgWzv_MUmjSF3dHT19-MzXNSaQdSEwqb4E_wN00s-dyQlyRVSvOE-MwKxQLfLcwqhoG2mbTm7n4Ol5GSTAF6D5Pq41ZbPaLrcIgrhng_8oXPsekjNmwICe09nnBoiN9-IjYerzmIjoyZ2QENdBxq2ioTTbtO4P8TbZuoC7A648DVUVRzDxGD2iCAZbVH_iua0A8pWtsBmLya1_5tbqAJDpv_VjtSGG_aqOAcmZjJvTE5XCxX-BJzTmBW1nvobbCvPLg3Bi7JFuBgsixXkw22CCfdCUXXYfW36mmc_TT4OSL8pDfsn20V9p2Dj53EIR4o1K8BtjBqk3Uqv2zyJlGOLMQu8e59wkh8sZWu7c0iDTzMli94QJmtI1IaLCT7pf6oYrrhO5lOywgeXYwYUleGQBw2EhIPNBi7hz-PIBOd_PKG6j-RD_EjLlZzXuH1hvZa8tkC5_-RtJa73mUUJF7K1AA8b64sr-BMaISeHIbaAYfQq9YssUk6MYJUbWgRxfhGctnu_mfXyvwKkRwH1n9okXXOgqJpxtxN4d

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-validate-1.19.5	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js/jquery-cookiebar	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images/climatempo	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/images	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/css	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/application/themes/correiodoestado-br.portalms.info/js	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/	1970-01-20 19:55:57	Name: view Value: 1
correiodoestado-br.portalms.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: krljh400926v8chh6vpjbrr634
.portalms.info/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1713270679%2C%22currentVisitStarted%22%3A1713270679%2C%22sessionId%22%3A%22c65d9598-e875-4ce6-9c69-7ee4759432a4%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//correiodoestado-br.portalms.info/%22%2C%22referrer%22%3A%22%22%7D
.portalms.info/	1970-01-21 00:18:01	Name: ___nrbi Value: %7B%22firstVisit%22%3A1713270679%2C%22userId%22%3A%2225f6d14d-7853-464a-952c-ede3ed3db4a1%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1713270679%2C%22timesVisited%22%3A1%7D
.portalms.info/	1970-01-21 00:18:01	Name: compass_uid Value: 25f6d14d-7853-464a-952c-ede3ed3db4a1
.portalms.info/	1970-01-21 05:30:30	Name: _ga_BXGB68T2MJ Value: GS1.1.1713270679.1.0.1713270679.60.0.0
.portalms.info/	1970-01-21 00:13:42	Name: __eoi Value: ID=2ef8a685e00be750:T=1713270678:RT=1713270678:S=AA-AfjbvhEd_JYiJf0NLOyZJAHlB
events.newsroom.bi/	1970-01-21 00:13:42	Name: _u Value: 25f6d14d-7853-464a-952c-ede3ed3db4a1
events.newsroom.bi/	1969-12-31 23:59:59	Name: _s Value: c65d9598-e875-4ce6-9c69-7ee4759432a4
events.newsroom.bi/	1970-01-20 20:37:42	Name: _lv Value: null
events.newsroom.bi/	1970-01-20 20:37:42	Name: _ut Value: 0
.portalms.info/	1970-01-21 05:30:30	Name: _ga Value: GA1.2.1099716886.1713270679
.portalms.info/	1970-01-20 19:55:57	Name: _gid Value: GA1.2.592707010.1713270679
.portalms.info/	1970-01-20 19:54:30	Name: _gat_gtag_UA_1420794_71 Value: 1
.vmuid.com/	1970-01-21 05:30:30	Name: guid Value: dae96c95-f642-49f3-a6ca-94cbf83d173e
pupspu.com/	1970-01-20 19:55:57	Name: av_sw_hit Value: 1
correiodoestado-br.portalms.info/	1970-01-20 19:55:57	Name: prefix_views_counter Value: 1
.yandex.ru/	1970-01-21 04:40:06	Name: yashr Value: 9888810391713270681
mc.yandex.ru/	1970-01-21 04:40:06	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.portalms.info/	1970-01-21 04:40:06	Name: _ym_uid Value: 1713270682327663738
.portalms.info/	1970-01-21 04:40:06	Name: _ym_d Value: 1713270682
.mc.yandex.com/	1970-01-20 19:54:31	Name: sync_cookie_csrf Value: 4005817152fake
mc.yandex.com/	1970-01-21 04:40:06	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 05:30:30	Name: i Value: FMcwQjjGgKQEFlG4boYvMFX85uqxp0oewacNGvPwnn+w+vIm5/vz8r6lBwH2vm1o3bZ/vxRWwZqkvzlwXqGjg2R1uZ4=
.yandex.com/	1970-01-21 04:40:06	Name: yandexuid Value: 7359643771713270681
.yandex.com/	1970-01-21 04:40:06	Name: yashr Value: 6330594401713270681
.portalms.info/	1970-01-20 19:55:42	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 19:54:31	Name: sync_cookie_csrf Value: 1292415806fake
.mc.yandex.com/	1970-01-20 19:55:57	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 05:30:30	Name: yandexuid Value: 7359643771713270681
.yandex.ru/	1970-01-21 05:30:30	Name: yuidss Value: 7359643771713270681
.yandex.ru/	1970-01-21 05:30:30	Name: i Value: FMcwQjjGgKQEFlG4boYvMFX85uqxp0oewacNGvPwnn+w+vIm5/vz8r6lBwH2vm1o3bZ/vxRWwZqkvzlwXqGjg2R1uZ4=
.yandex.ru/	1970-01-21 05:30:30	Name: yp Value: 1713357081.yu.8589868381713270681
.yandex.ru/	1970-01-21 04:40:06	Name: ymex Value: 1715862681.oyu.8589868381713270681
.yandex.com/	1970-01-21 04:40:06	Name: yuidss Value: 7359643771713270681
.yandex.com/	1970-01-21 04:40:06	Name: ymex Value: 1744806681.yrts.1713270681
.yandex.com/	1970-01-21 04:40:06	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 04:40:06	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTIzIiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTIzIhoFIng4NiIiECIxMjMuMC42MzEyLjEyMiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIkdvb2dsZSBDaHJvbWUiO3Y9IjEyMy4wLjYzMTIuMTIyIiwiTm90OkEtQnJhbmQiO3Y9IjguMC4wLjAiLCJDaHJvbWl1bSI7dj0iMTIzLjAuNjMxMi4xMjIiIg==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 615347971713270681
.portalms.info/	1970-01-20 19:54:32	Name: _ym_visorc Value: w

142 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ap-adserver.igaming-ap-service.io/ads Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://pageview-notify.rdstation.com.br/send Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado-br.portalms.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ap-adserver.igaming-ap-service.io
cdn.pn.vg
connect.facebook.net
correiodoestado-br.portalms.info
d0dcda1528231911fc91cae3c616334f.safeframe.googlesyndication.com
d335luupugsy2.cloudfront.net
demiseskill.com
dtokw98w8oklz.cloudfront.net
events.newsroom.bi
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
origunix.com
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
popups.rdstation.com.br
pupspu.com
region1.analytics.google.com
sdk.mrf.io
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vmuid.com
widget.horoscopovirtual.com.br
www.google-analytics.com
www.google.com
www.google.nl
www.googleoptimize.com
www.googletagmanager.com
pagead2.googlesyndication.com
108.138.34.18
13.95.152.229
142.250.185.228
162.19.96.13
172.217.18.2
172.240.253.132
172.67.159.162
178.162.215.162
188.114.96.3
2001:4860:4802:34::36
216.58.206.34
2600:9000:237d:400:5:6af1:95c0:21
2606:4700:20::681a:1ab
2606:4700:20::681a:ab
2606:4700:20::681a:ce0
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a06:98c1:3120::3
34.68.90.188
35.223.116.65
54.194.192.48
01acc546042ca49013cf6c8f854ad565a27c53599379126ed71c63b60817fdc6
06bb75dce5bc8efb4fa5134037197afc0acd54d5678a11cf1c0e35e1f8e506ad
0cd16fd609cc6b7c841cb941e2defe6bb606487df105d580df2fd8f5f34d6a4e
11076dd4a86d587f214ac5bb2fe78147db864e0087056274c0d34d7a2f1ffb9a
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
15cdc035024cefd16ecaadcae9187490377e62d89065d17123e2b198d1153aa3
1a6f31313dd4e8fc17d7471400e287fb5bee43df258bd72fc783417dfeedfac1
1e7519f6cef5a384d99007dc2b3f2c3966c0d3e8898e354af61c0a299ca2b5d3
1ede75cc0c3091f1ce830cc4afcdbcf143b3b67bdc478370a80c133021c14dcd
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b21355061cd35c509f89196bed922e5a3e0e323c63e526c54669f074f97b65
2a419228a8fe596be6dd30d48ad714cefed3d74ad2dcf5c2b58445abb9a74fd3
2e7033a203807854b19982aaaefc60e7cc4433b86bd597979030fe6957259346
3445a62ddd8425678d90d61ff7a96ee0c0d8831a30cedd54e7ae30423c6eb53c
380fe081dad4ff67790de2d8cfc86808d4886078521048e3e2372c1b24d45185
3a4429ba9c0d14b2d807827b11779236ba441402eb4fef023634ad2baee7e8d7
3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66
3c13c55e9e0474d5b1e21b870fad5bbe8fcc935abf9aac365f5078aece5ee5ab
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a6a2d909697b17e2775fc77237ba4526e00320eec078b7ab7212772c44558c1
51865bf953be915e619cb57237bdbfe58efb531bbab4047366fdd72e2c2d3b5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56796c0217162c07a834852e4bc032236bee30a4f43bcd3c147f41caf2b7b408
5efc006946644fd78bd9b35d4007665d56f794642ca10dabf48a6ed89517c346
60e5a75a4a77d904783cd18caf626b918bc19e8e2b3b29b6c829f9ee1e815ff6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
6a0d426eac4cb3a4cfe939ed1128f54e5164459ae5e77328f8fc6bf0348995f6
7a4ee2ca9233b4df324cb6903ef4af5c6a2231811fc219a6824ad9b46d5be7d9
7be0b531f03d2659da4e1596c7cb6401b93ffc98e7457fbc0a8eac8edaa90852
7de683f0cc2fd625d8b6741d13adde8f54b3316ffd14cf11ddcf47b869e8dcdb
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
91eb4084c0447379479a0e425d8b655becbcedc75313977b13470414a74bb50f
9469142f9b726a62d062bfb5d3358f6d43a307b048caab3683deba4bca45681c
95aa8181a6c6d929de99629094580940392b00bf938db043de55b08462b402f4
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9a2e922dcc0c2ad8824c4788b40a4b8f230d1a266f23f27c44484ccadd0ff660
9a83935554c811295bf724df7c5737750750bd0c5819a548366ceebf2287976b
9c6ff8abedcaba150c45098f57b3643a749976b98d572e7f73d9ebbfe92d0a4d
a25ac40a1b2d3aaf78faed36f6480b8530cdcd042d92863493b5a5da51f539c9
a853a4fc2ea314d74e38905da9512f01dbd66a403a4bff873cbf6046692d556d
ad78ce0412a1349add2fc3ef4e008f31ddff4376b83c21cd591891164f35eac7
ae4a5f5633accf1f4e011b372206e30c57fd5cc047d7c88a03237f460521269e
af1756f799fa1cf1e916300956ffdf5702fa3c5abc2c420d12fbe249b2362bd6
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48
b49892aebff452c1f1a5c9011bf16693e92c867eee324176c6955477391a338a
ba7ad12f00c8e2a5b68758e5107d7e209f807d8c5a480fde2249d964c2007210
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c5f65b1f8ad1d78fa79ccea32b887b4a5f088ce17ebdc9c3156397c2fb71a86d
d3ba1f549e6f3a461cea067f707112fb9bd74501906be2d3c1962764e884f23f
d59fcb68ad27e8b36d98954b1a65c6890149f2190ead255cd65b3b76c8be09f9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e27f634163e2d127f3f6d135f51541e4c1d2256cfbc367cb5449794f771e3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b810879d926326f14210569df5b98b6db32adffed2d7d8fd326c572687337d
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

correiodoestado-br.portalms.info Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

93 %HTTPS

58 %IPv6

24 Domains

32 Subdomains

32 IPs

7 Countries

1092 kBTransfer

3622 kBSize

46 Cookies

60 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

correiodoestado-br.portalms.info Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

93 %
HTTPS

58 %
IPv6

24
Domains

32
Subdomains

32
IPs

7
Countries

1092 kB
Transfer

3622 kB
Size

46
Cookies

80 HTTP transactions
0 data transactions