www.blogsoestado.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blogsoestado.com/
Effective URL:
https://www.blogsoestado.com/
Submission: On July 08 via automatic, source certstream-suspicious (July 8th 2024, 2:35:32 pm UTC) — Scanned from NL

Summary HTTP 72 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 16 domains to perform 72 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.blogsoestado.com.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.

This is the only time www.blogsoestado.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2.19.225.248 2.19.225.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	186.192.83.2 186.192.83.2	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
8	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	34.95.229.88 34.95.229.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
72	23

23 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blogsoestado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogsoestado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.5 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

s.videos.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.225.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-225-248.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 186.192.83.2 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-83-2.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com

globo-ab.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	blogsoestado.com 1 redirects blogsoestado.com www.blogsoestado.com	349 KB
10	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1906 syndication.twitter.com — Cisco Umbrella Rank: 2295	30 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 211	214 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
5	wp.com c0.wp.com — Cisco Umbrella Rank: 12453 stats.wp.com — Cisco Umbrella Rank: 4475 pixel.wp.com — Cisco Umbrella Rank: 4143	28 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 208 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279	146 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3576
2	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 61207	602 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	90 KB
2	globo.com s.videos.globo.com — Cisco Umbrella Rank: 633017 globo-ab.globo.com — Cisco Umbrella Rank: 92286	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	104 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 571	143 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9102	408 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 346	31 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 6241	361 B
0	imirante.com Failed imirante.com Failed
72	16

	Domain	Requested by
22	www.blogsoestado.com	www.blogsoestado.com
8	platform.twitter.com	www.blogsoestado.com platform.twitter.com
6	pagead2.googlesyndication.com	www.blogsoestado.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	www.facebook.com	connect.facebook.net
3	securepubads.g.doubleclick.net	www.googletagservices.com imasdk.googleapis.com
3	region1.analytics.google.com	www.googletagmanager.com
3	c0.wp.com	www.blogsoestado.com
2	syndication.twitter.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	s3.glbimg.com	s.videos.globo.com
2	connect.facebook.net	www.blogsoestado.com connect.facebook.net
2	www.googletagmanager.com	www.blogsoestado.com
1	imasdk.googleapis.com	s3.glbimg.com
1	globo-ab.globo.com	s.videos.globo.com
1	pixel.wp.com	www.blogsoestado.com
1	37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.nl	www.blogsoestado.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googletagservices.com	www.blogsoestado.com
1	stats.wp.com	www.blogsoestado.com
1	s7.addthis.com	www.blogsoestado.com
1	s.videos.globo.com	www.blogsoestado.com
1	blogsoestado.com	1 redirects
0	imirante.com Failed	www.blogsoestado.com
72	24

This site contains links to these domains. Also see Links.

Domain
imirante.com
www.oestadoma.com
movimentogratitude.grupomirantema.com
www.miranteam.com
www.mirantefm.com
www.vcnoimirante.com
twitter.com
facebook.com

Subject Issuer	Validity	Valid
blogsoestado.com WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
s.videos.globo.com RapidSSL TLS RSA CA G1	`2024-04-03` - `2025-04-02`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
s3.glbimg.com RapidSSL TLS RSA CA G1	`2024-04-04` - `2025-04-04`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
globo-ab.globo.com R10	`2024-06-09` - `2024-09-07`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
syndication.twitter.com R11	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.blogsoestado.com/
Frame ID: 6EBEBE3F038608A0B806B40848C671DF
Requests: 57 HTTP requests in this frame

Frame: https://37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8092B82FAAB754C236D264A066B8F6A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.blogsoestado.com
Frame ID: 9BF0EC44B8E5E7A12B31A30E9C29A61A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: C49B4347BAE8F832A9B647109A4B1CD0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7604416171284441&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1720447216&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.blogsoestado.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=28~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=28_16~31_3~27_14~30_19&aiixl=28_4~31_8~27_3~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720449322424&bpp=90&bdt=1606&idt=521&shv=r20240702&mjsv=m202407020101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4849502519669&frm=20&pv=2&ga_vid=532615815.1720449322&ga_sid=1720449323&ga_hid=1725634784&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44795922%2C95330410%2C95334508%2C95334529%2C95334566%2C95334579%2C31085084%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1821790849756720&tmod=2007188042&uas=0&nvt=1&fsapi=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=703
Frame ID: 0FEF226A6E1732059D2231FE061C6652
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaed8a7831d461b2a%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fdanielmatos%2F2024%2F07%2F07%2Fgentil-neto-desponta-na-corrida-eleitoral-em-caxias-com-lideranca-trabalho-a-mostrar-e-popularidade-crescente%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81
Frame ID: 968310DADE1CA6FA34E3A87B6F813C01
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd33c7cc7fdf945e2%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fmarciohenrique%2F2024%2F07%2F05%2Fdia-mundial-do-chocolate-07-de-julho%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81
Frame ID: 8D60CF7F305DEF27A06182734FDB63A3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb4827dc90a80f1c1%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fevandrojunior%2F2024%2F07%2F05%2Fpresidente-da-abih-ma-parabeniza-hotel-por-premio-melhores-destinos-2023-2024%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81
Frame ID: 1ADCEE8C63D4AFBACBCD30E6FBA9AD3B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8fde0dd39f350ab3%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fflaviobraga%2F2024%2F06%2F21%2Feleicao-2024-dicas-eleitorais-rapidas%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81
Frame ID: E4D11B201198F954F20DD5DB0C15E36C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb09f4c729a5204fd%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fjoaquimhaickel%2F2024%2F06%2F08%2Ffabrica-de-narrativas-falsas-assola-nosso-pais%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81
Frame ID: B65F02191E0D8D6ACDA4A7FAD2AF8319
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 833C88FD4E471A0C5DDBBE78988D2145
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 369A13F8A3627B0D71897DEED7A604EF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 32C3229F580DBEA49344478D98FEBC3A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: A8E2793DFC83B31EEF598FB968F2A782
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: DCC66E51273726AB7FC318F4D68429ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C69AB0EBEBA79545A56586D9582CC7F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blogs O Estado - Blogs O Estado.com

Page URL History Show full URLs

https://blogsoestado.com/ HTTP 301
https://www.blogsoestado.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

45 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

1751 kB
Transfer

5136 kB
Size

2
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://imirante.com/
Title: Imirante.com

Search URL Search Domain Scan URL

URL: https://www.oestadoma.com/
Title: Jornal O Estado do Maranhão

Search URL Search Domain Scan URL

URL: http://movimentogratitude.grupomirantema.com/
Title: Movimento Gratitude

Search URL Search Domain Scan URL

URL: https://www.miranteam.com/
Title: Rádio Mirante AM

Search URL Search Domain Scan URL

URL: https://www.mirantefm.com/
Title: Rádio Mirante FM

Search URL Search Domain Scan URL

URL: https://imirante.com/noticias
Title: notícias

Search URL Search Domain Scan URL

URL: https://imirante.com/esporte
Title: esporte

Search URL Search Domain Scan URL

URL: https://imirante.com/namira
Title: na mira

Search URL Search Domain Scan URL

URL: https://imirante.com/servicos
Title: serviços

Search URL Search Domain Scan URL

URL: https://imirante.com/oestadoma
Title: o estado

Search URL Search Domain Scan URL

URL: https://imirante.com/miranteam
Title: mirante am

Search URL Search Domain Scan URL

URL: https://imirante.com/mirantefm
Title: mirante fm

Search URL Search Domain Scan URL

URL: https://imirante.com/miranteam/quem-somos
Title: a rádio

Search URL Search Domain Scan URL

URL: https://imirante.com/miranteam/cobertura
Title: cobertura

Search URL Search Domain Scan URL

URL: https://imirante.com/miranteam/anuncie
Title: comercial

Search URL Search Domain Scan URL

URL: https://imirante.com/miranteam/programacao
Title: programação

Search URL Search Domain Scan URL

URL: https://imirante.com/mirantefm/quem-somos
Title: a rádio

Search URL Search Domain Scan URL

URL: https://imirante.com/mirantefm/cobertura
Title: cobertura

Search URL Search Domain Scan URL

URL: https://imirante.com/mirantefm/anuncie
Title: comercial

Search URL Search Domain Scan URL

URL: https://imirante.com/mirantefm/programacao
Title: programação

Search URL Search Domain Scan URL

URL: http://www.vcnoimirante.com/
Title: vc no imirante

Search URL Search Domain Scan URL

URL: http://www.vcnoimirante.com/cadastro/
Title: cadastro

Search URL Search Domain Scan URL

URL: http://www.vcnoimirante.com/login/recuperacaoSenha
Title: esqueci a senha

Search URL Search Domain Scan URL

URL: http://imirante.com/internas/faleconosco/
Title: fale conosco

Search URL Search Domain Scan URL

URL: https://twitter.com/imirante

Search URL Search Domain Scan URL

URL: https://facebook.com/portalimirante

Search URL Search Domain Scan URL

URL: https://imirante.com/rss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blogsoestado.com/ HTTP 301
https://www.blogsoestado.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.blogsoestado.com/
Redirect Chain

https://blogsoestado.com/
https://www.blogsoestado.com/

44 KB
14 KB

89ms
59ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 0af219a6435d92d7802a1f83d224cf956c3d72ee848ea0fed48d3d05ff5f82a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 2104
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 8a00ccde58ad0e48-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jul 2024 14:35:20 GMT
last-modified: Mon, 08 Jul 2024 14:00:16 GMT
link: <https://www.blogsoestado.com/wp-json/>; rel="https://api.w.org/", <https://www.blogsoestado.com/wp-json/wp/v2/pages/28>; rel="alternate"; type="application/json", <https://www.blogsoestado.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCbEdf4J9vyp7mtf2lAFf%2FZxJ1pPF1mrQBHHGv7dpj8N3zORY%2FF9%2B5a4zjRWXl7d3LEcQfIwaY97%2BM6qzieDQ5u6Va0JQlR7E80GD1Yv02H3EbBr1M1wINZfolgY2iiAkwovs6PSPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.15

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8a00ccdcdeb50e48-AMS
content-length: 167
content-type: text/html
date: Mon, 08 Jul 2024 14:35:20 GMT
expires: Mon, 08 Jul 2024 15:35:20 GMT
location: https://www.blogsoestado.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8BJ%2FYCO1yUCwYJopJz9JBazGmENj7zYugFOJtWt6cV3EwcUwwBOsWC450D3Mba8XE46oXDuvpNRnRKfYPKxctMpRuJbLRWllreycbBCXqd73QGzRK2gSZnnXuL066k9c7DR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 476ms
68ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80b2294f5634faeb719217ee52a7a8604e933fa500fe143beb302910735243dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 14:35:21 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
52 KB 215ms
82ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

70cae4e49c8e06e2d7a4f8c5febf57cd9bfb39c46f4d8c3ec781b19e15c3e560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52787
x-xss-protection: 0
server: cafe
etag: 16624697175415176054
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 08 Jul 2024 14:35:20 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.11/wp-includes/css/dist/block-library/ 57 KB
9 KB 153ms
15ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.11/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 08 Jul 2024 14:35:20 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 08 Jul 2025 14:35:20 GMT

GET
H3 200 frontend.min.css
www.blogsoestado.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 7 KB
1 KB 425ms
422ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Feb 2021 11:53:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c68-5bc13af2d87cb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjxD66cWjOTvDE8%2Bh38oBmRtZAkvI712ONoJCeWDT8S7nsb27y84fmlwq1KL5qdIUb3UDX6T9pu4rgc2Q4D19b9Cp98Bcm9tspnXkJ6V8XsRREWLPz7yulWAfCMQKarrqUG3W13xrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8a00ccdf39dc0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
www.blogsoestado.com/wp-content/themes/imirante/ 15 KB
4 KB 541ms
538ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 890b62457d54a01a392f8dd459b2ff1b0528f645d620e409467acc06e46ce3f0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:59:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d96-5e39c14f3daa8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaVscANAvHUpTg61qv%2Baa7kwV6P%2B1cKolBvDJIZzOCn0KyXgXQhQpTC7i5ZvSEPjjP%2BMbee%2BNtYJaxAfqupDEKWfsMgiySKBRQikBaPdZi4hs%2BOnq9UaOxhji%2FkLfcp3TsidQDsI7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8a00ccdf39e10e48-AMS
alt-svc: h3=":443"; ma=86400

GET rodape.css
imirante.com/site/css/ 0
0

GET
H3 200 jqtransform.css
www.blogsoestado.com/wp-content/lib/css/ 9 KB
2 KB 460ms
457ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/lib/css/jqtransform.css?ver=0.0.1
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d1f360c631670aac81a4fb8853d061eeb4684a1eb97783e6c0f5593299e82f

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"240d-5bbec2b095b76"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wkBIMjryPjRys6Sc5X5gj2rlrlnmfGPDveamS929rcXK3noll6TAJm50D3m8tbyLFztCSrrQaBIYX%2FUB4O6G6L72XL0jT9ffvL5fmfA0lZjB5zmyX89BaWb9SGh4Ej1eb4Y1s25sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8a00ccdf39e30e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 75 KB
14 KB 168ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 08 Jul 2024 14:35:20 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 08 Jul 2025 14:35:20 GMT

GET
H3 200 custom.css
www.blogsoestado.com/wp-content/uploads/theme/ 0
426 B 458ms
455ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/uploads/theme/custom.css?c=20240708140016
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-5bbec2aee58d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2OXmh4bLLdIYHHakika%2FTzZPxbnWvfeuZHKjF%2Bdu7ch9BEuCzRHnFEYr%2FBnFLe4cQhNOLyPhKBBNxOPzhaQwfvq9vsdhdUSBOCrlfbjPDhsWTjr5Db%2F8bHOiXSkK3ONCiIRoUFTDIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
accept-ranges: bytes
cf-ray: 8a00ccdf39e70e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 api.min.js Show response
s.videos.globo.com/p2/j/ 42 KB
13 KB 1423ms
252ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.videos.globo.com/p2/j/api.min.js

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 650890418 ra09 20 04
age: 58107
x-cache-status: HIT
content-length: 12654
x-xss-protection: 1; mode=block
x-request-id: f7d5f05d-7e7f-4b26-84e2-6e7d42d72a3f
last-modified: Tue, 03 Jan 2023 12:09:30 GMT
x-thanos: 0AB4D013
etag: W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 08 Jul 2024 22:26:54 GMT

GET
H3 200 logo_imirante_rodape.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 7 KB
7 KB 457ms
455ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/logo_imirante_rodape.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d154e5211148eae6a6873878c722a1757e2587ec2cbf03f97ff1c6c862552d65

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b84-5e39bfe276244"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BhxrkgqpbP%2BSGTshCKkY8pRJwZ%2BeinMWZBDcIRiRVBFhHzOa1P2bW1h9E6T5Ib2QKpdX7kDZPFthdIUFQuhKZFin%2Bhn8dYt%2FjSzyu5vQ80MrsL2BqXoL4TYhQbpqY6rdyBEecNFDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00ccdf39e80e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7044

GET
H3 200 icone-rodape-twitter.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 4 KB
4 KB 459ms
457ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/icone-rodape-twitter.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f7f4bb2e5ef1ba57eb3eae68907a29e3a09cf556d6953df7cd19d414dcfc431

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:53:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e85-5e39bfd621920"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNp2TMEpUx7JT5DDMZgGvMM4U1%2FLxgZA8Ue%2F%2BKjoPIwoAT5rzzHTD%2B9kHytQp69HQNoZJVzpxNh9LGtJP49DeyRFJdtexQfru5nbvUlDt95ITpOKbvO7gl5rLygmZK0TzRgWko5nkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00ccdf39e90e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3717

GET
H3 200 icone-rodape-facebook.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 3 KB
4 KB 122ms
122ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/icone-rodape-facebook.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd9c74f789f1398a06539f15a428b36ebb2124355464a6f6fbdbc40622701a86

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:52:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "de2-5e39bfc2f616b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N84AbxpYNGo3yHllIRpEIg2pM4Fv0Du75mWnwPb8HXrpe56tieTBxhCn2BYCwHMqxYqyquQvMz%2Fn2o%2FAAmyAkTaIgTz9IvbPjy9cxzwdcFkh6W86oFPIE4se1th6VigZxp8hVfNC4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00cce22e940e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3554

GET
H3 200 icone-rodape-rss.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 4 KB
4 KB 140ms
140ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/icone-rodape-rss.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5b007c4068b3262fb89275645672b309360a215ddf58bdc23895c7c7ee29fce

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eb1-5e39bfcd4a281"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRCSyvtS9gHZoYLgJdMmo1QedQLA65F1aXZmXZ7cKdjjGp%2FXQqXoe35xpNG4Sk5dUR8tbYegJvwYah%2FtIRGjIIcxnoiji2j9CHV4n8VMXdtLQOCxZmhNVTHUiNGthVZlRY%2Bi3g6Apg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00cce22e960e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3761

GET
H3 200 jquery-1.7.2.min.js Show response
www.blogsoestado.com/wp-content/lib/js/ 93 KB
34 KB 219ms
219ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/lib/js/jquery-1.7.2.min.js?ver=1.7.2
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17277-5bbec2af616c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6o1Bfl20FVvZXHFmWtuIPJO1%2FPHA%2B6aRYzol3y%2FK1aSf4kEbpNa2WhgiRmd1CrRfcdtIRBH8%2FRzdt4niNMzK6hyEtHxBgcPCGwgPu5r0gmIgbKQ7eJEWeiSm0qiWwZmyYZpgqqsVdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8a00cce30fcd0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.jqtransform.js Show response
www.blogsoestado.com/wp-content/lib/js/ 13 KB
4 KB 123ms
121ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/lib/js/jquery.jqtransform.js?ver=0.0.1
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80a3ca14f52c6c00a5755be6512ec2fd4e2649c046528a6daca828c51e5c29a

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"357c-5bbec2af616c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4gFlxtOmacBgewRNn2AynhIoL1CCZB9GJG8gRoaFJNg0lnCLLZmQFhVgHDzvyG6ajDqrDQDr0Jw4XR1w61flFr8moJ9k2x%2B7loR7nDYyk%2FTJrwWk%2Fuho%2F%2BGDHcfOLHpQV80%2BAK6SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8a00cce3684d0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 632ms
37ms Script
text/javascript 2.19.225.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=8.28.4

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.225.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-225-248.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 14:35:22 GMT
server: Oracle API Gateway
opc-request-id: /FB21F01164D45FFB0F18F2D9559FBBAC/90A8B063F16F648805215FA646E6D1D6
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.11/wp-includes/js/ 1 KB
1 KB 65ms
62ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.11/wp-includes/js/wp-embed.min.js

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 16 May 2023 15:37:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 08 Jul 2025 14:35:21 GMT

GET
H2 200 e-202428.js Show response
stats.wp.com/ 7 KB
3 KB 307ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202428.js
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113530.9253
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Jul 2025 17:28:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
4 KB 322ms
32ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd3e6639779ada8b89e229375572041b44dc7fc09f209846d3038a6bb662f156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blogsoestado.com/
Origin: https://www.blogsoestado.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 14:35:22 GMT
content-md5: I++4D/0HGnPAfN8fPF9S+g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=14, mss=1297, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: bc5XWQ0sGbjmr6ZFiPZe+ir+3KHuqD3tC+6cxjU0uZJ79PIw6yhjQNe4JQakFLE5b2RQayBTvuQDElD467aHpQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 35930dfca7d8cda96dcf13e13e01fb9f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "096511e1300016a522b42ca437c0631f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:44:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
31 KB 533ms
133ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dc58c04b2150630676617e5a6eaf0e98a24b5f881f061b6f377446ef4d694e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31473
x-xss-protection: 0
server: cafe
etag: 596 / 19912 / 31085077 / config-hash: 7649066263849151815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:35:21 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 78ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJJSLZ6HX&gtm=45je4730v881579413za200&_p=1720449321012&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=532615815.1720449322&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720449321&sct=1&seg=0&dl=https%3A%2F%2Fwww.blogsoestado.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1363&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blogsoestado.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 105ms
33ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WFJJSLZ6HX&cid=532615815.1720449322&gtm=45je4730v881579413za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blogsoestado.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 333ms
44ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WFJJSLZ6HX&cid=532615815.1720449322&gtm=45je4730v881579413za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1828875515

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:35:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/ 467 KB
145 KB 250ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f8ed2e4e6bc7d75dc8dab7d97ad92e7a611d82ff93d8692535fa9466ab3a3591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 08 Jul 2024 07:00:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27283
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148836
x-xss-protection: 0
server: cafe
etag: 13429486672346502663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Jul 2025 07:00:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
73 B 381ms
205ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.blogsoestado.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fe2513966b7ff7da79de63356a7ea17d8ccfdc77388cdba7152cea9aa5041945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
x-xss-protection: 0
expires: Mon, 08 Jul 2024 14:35:22 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.blogsoestado.com/wp-includes/js/ 14 KB
5 KB 275ms
267ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.11
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 11:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3795-5bbeb42eb9f80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlMoeB8gBclpsdmHEm6SrTx%2F3hht8HxXDhBNhMHHtqIAwb%2Bb%2BNxaai0gZi18NPR4%2BYcYm9m03ic0MebuTcVmc4WtLfxm73TvYW1KgJxvhrEHK1%2BCQkS1agJFlaVkid1QeS3VOEpeSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8a00cce9ca240e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
0 8ms
8ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX

Requested by

Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80b2294f5634faeb719217ee52a7a8604e933fa500fe143beb302910735243dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:21 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 14:35:21 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 30ms
25ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJJSLZ6HX&gtm=45je4730v881579413za200&_p=1720449321012&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=532615815.1720449322&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720449321&sct=1&seg=0&dl=https%3A%2F%2Fwww.blogsoestado.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=47&tfd=1985&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:35:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blogsoestado.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407020101/ 424 KB
143 KB 105ms
97ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7604416171284441&plah=www.blogsoestado.com&aplac=true&bust=31085084

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

835a75335a462268cf4f761858ae5fbfe3d141d12a9b9e7eb3603a040aba0612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146472
x-xss-protection: 0
server: cafe
etag: 17964942593795390758
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 14:35:22 GMT

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 876ms
255ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: s.videos.globo.com
URL: https://s.videos.globo.com/p2/j/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:23 GMT
content-encoding: gzip
x-openstack-request-id: tx27e06be5d8f044ce8a196-00668bf912
last-modified: Wed, 01 May 2024 20:19:39 GMT
x-thanos: 0AB14003
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693675470.000000
content-type: application/javascript
x-timestamp: 1714594778.79715
cache-control: public, max-age=180
x-trans-id: tx27e06be5d8f044ce8a196-00668bf912
x-request-id: 917d8979-f5b1-4e1a-92cc-522fc50c2897

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 414 B
176 B 247ms
94ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1821790849756720&correlator=3042187915255754&eid=31079956%2C31084968%2C31085077%2C95327819%2C31084180%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407030101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=117489811%2CBlogsOEstado__Topo&enc_prev_ius=%2F0%2F1&prev_iu_szs=960x120%7C960x100%7C960x90%7C960x50%7C970x90&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1720449322610&lmt=1720447216&adxs=320&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.blogsoestado.com%2F&vis=1&psz=1600x1200&msz=960x10&fws=128&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720449320818&idt=1440&adks=211810356&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

be547db4f17c7c82b746e05da02e810c75ff94f331d5eb3ac5e62efb88c174f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.blogsoestado.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F809 0
0 332ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 14:35:23 GMT
expires: Mon, 08 Jul 2024 14:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 176ms
31ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27597
x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220152-FRA
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H3 200 topo_bg.jpg
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 443 B
880 B 138ms
130ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/topo_bg.jpg
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de9e4492916d53889deaa9bc41ebf1d859901093b840fdb9cfef40b0cce1df4

Request headers

Referer: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 11:40:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1bb-5bbeb43196640"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXe%2FRhZ16Bjemx63LeqMa4dkP%2Bns2nkhCHQrVn6oQhO21h%2F%2FlioJmE0rupWHpQRdk5bYXnpdOLAzlaVSQRFL3Z0gdlbrxpaYWZSwI%2BKdp684uqVDq%2BafZ7S7w0tl7XvE6P9Lm85opg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8a00cceb3c780e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 443

GET
H3 200 topo.jpg
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 37 KB
37 KB 239ms
230ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/topo.jpg
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07722eaa8d7874ab00a2346f2e14db34c2590a26a4ad8694a899d1b6f13667f8

Request headers

Referer: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 11:40:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "932e-5bbeb43196640"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2CMvnAFeyHkmux%2FgkNngXzrYHTKgsaxGUBAqrvLeorHxqBJVQI8DbMS%2FTf5lo4mZW96plZMKo8ZQ0S8T6kvAOi92ZmNFCh0RUWEBK0C7gxBFnjU7Uv7aGbkpvjjRyblWQVilRlaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8a00cceb3c7d0e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37678

GET
H3 200 sprit_tools.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 58 KB
58 KB 282ms
271ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/sprit_tools.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4033a5cb7aa64c36333415e3b9645a8d1da6a5d039839e6dc27754ee40de2eb8

Request headers

Referer: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:54:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e663-5e39c02f0165a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSEeDlRhooAwlRrnhkeccL5STrshpHnmKYGGLyR5hmr21zgqX5s6GBj%2F5rEvsuddWg0vO1ZTcRW%2FVu6sfeH4DijAfwM7ZYG2wJ8T2vauAat3odY%2Bs2p3lWHjxF1%2FrZSZRbvru8OxbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00cceb3c810e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 58979

GET
H3 200 stripes_painel2.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 222 B
656 B 155ms
138ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/stripes_painel2.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a278b1bf27b39e1d9d74b5249a231ce4ad93da39b9a1bbf480e15eb772662dc

Request headers

Referer: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "de-5e39c11ff623c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BuOx6RhNDOFABK9WUfFT9CkOjK9Bbk5BWw7pi%2BuTQ0FKL0DjvEZkm2IPfUbSeR5q6Mtf6jTRdqXLRZe3RXUApQoq%2BV7fIJ%2BF80442BUapdwMk8IyN1QFpy3Pdp7zsCf3ApOV57RYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00cceb4c9c0e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 222

GET
H3 200 ico-busca.png
www.blogsoestado.com/wp-content/themes/imirante/imagens/ 3 KB
4 KB 141ms
124ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/themes/imirante/imagens/ico-busca.png
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43dc9a084d766a33fb3d8171adf0157ee5cf39d883cc89f6ca503f66dd96aed0

Request headers

Referer: https://www.blogsoestado.com/wp-content/themes/imirante/style.css?ver=1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Jul 2022 13:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "df7-5e39c130b14a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fapw9Su1CombTqHNWlUBO5jLJtPru8%2FIqHPQ8UqxkkQ76I%2BM0E4P6zt6QuQ5cpE%2FMcz%2FWxlvee0apSCtdZya%2BPXDb9ZdmicXXNlrnB4R7h0UjkmqzxxrT6zCYFGhW8V%2FrDCpKWpFkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8a00cceb4ca30e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3575

GET
H3 200 IMG-20240707-WA00312.jpg
www.blogsoestado.com/danielmatos/wp-content/blogs.dir/23/files/2024/07/ 60 KB
60 KB 149ms
140ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/danielmatos/wp-content/blogs.dir/23/files/2024/07/IMG-20240707-WA00312.jpg
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb44285ebc01fe986818956dfde5513764f61dd553d9872a7e40fa87ea790ff

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 07 Jul 2024 14:43:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ef1d-61ca950e84675"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQGfsA03zN1lMBH8F16ynepoiwBOEVGGBS7K4%2BipwPP9%2FB6FxCLNgRBt1VSKF2e10%2BzVtyJrwL3q5IXjNlDWDX72a4dPAa7ZQd559%2Bbd8oxtKWRNOPxdVqded7e0P%2FvLNKNx%2BCyilA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8a00cceb7cde0e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 61213

GET
H3 200 FRIBAL-DIA-MUNDIAL-DO-CHOCOLATE-7.7.jpg
www.blogsoestado.com/marciohenrique/wp-content/blogs.dir/21/files/2024/07/ 97 KB
98 KB 527ms
520ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/marciohenrique/wp-content/blogs.dir/21/files/2024/07/FRIBAL-DIA-MUNDIAL-DO-CHOCOLATE-7.7.jpg
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88436db63680f430eccf37fb88a20a0948a5bce5cd1c611010bb7969391fdac

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:23 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jul 2024 22:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18464-61c87771dd350"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cs2LuOkLBaQZScfnlsFFhU%2Fq50XQ9C5F%2B39qnnqXarE3I9asCnwgthXJAdiT3yK5xMPm7fcrXM2PfX6Y7x9sGCdFAGeIhqcwRGbfI%2FT5GeV9Zzk4IvmLGGt%2F9dE1L9H5Yl%2FF9Ag9DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8a00cceb7ce30e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 99428

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 47ms
26ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=170736642&post=28&tz=-3&srv=www.blogsoestado.com&host=www.blogsoestado.com&ref=&fcp=0&rand=0.49337597574036596
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 14:35:22 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 input_text_left.gif
www.blogsoestado.com/wp-content/lib/imagens/form/input/ 3 KB
4 KB 284ms
281ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/lib/imagens/form/input/input_text_left.gif
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/lib/css/jqtransform.css?ver=0.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d52ecd3aeb90c0ee0810a905c7616d55d50dd5a224ea80c8e1fa04a82e10805

Request headers

Referer: https://www.blogsoestado.com/wp-content/lib/css/jqtransform.css?ver=0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:22 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cd4-5bbec2b04a06c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATQubWzkFYBaNJZoty3AldxTNY2T2bi%2F7wCkgOL%2BNINB2soGXN%2BjlRR%2BtD8xosnUtr%2FHu4SHrUcTPOta%2FMcXegYuLFKfqEKdO2v%2Fssg48jZksydwQy1%2FBqDI%2BBZfJYSpEhqgj%2BWchg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 8a00ccebdd880e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3284

GET
H3 200 input_text_right.gif
www.blogsoestado.com/wp-content/lib/imagens/form/input/ 460 B
897 B 450ms
448ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blogsoestado.com/wp-content/lib/imagens/form/input/input_text_right.gif
Requested by: Host: www.blogsoestado.com
URL: https://www.blogsoestado.com/wp-content/lib/css/jqtransform.css?ver=0.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edefd17c43581a3c87b1ce66020d1cd4125da2aa9e5959a613d6585fb897a111

Request headers

Referer: https://www.blogsoestado.com/wp-content/lib/css/jqtransform.css?ver=0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:23 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Feb 2021 12:44:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1cc-5bbec2b047573"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGJwf6mAtZnBjnYX2PT9BKnV9bCS%2FNBP2LHiMOrip71n3DuGU5qhu9mWfm0vyIeCjV%2FPHnGF0VTypmUhLZm4HL7NXodDxS76JS6Rm9%2BxEyFdeMqVSlZ9dRbNztHDY7%2FC4s3ZEmsJSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 8a00ccebdd8e0e48-AMS
alt-svc: h3=":443"; ma=86400
content-length: 460

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 299 KB
86 KB 30ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

780410baef5e20255d57e09864240e8ca88259780e86d45d73cc17413a9c987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blogsoestado.com/
Origin: https://www.blogsoestado.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 14:35:22 GMT
content-md5: BSQ+Kt3jm7NnTLGPjZ+fhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87642
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=20, mss=1297, tbw=6655, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: 9F2ZzMYWndwdbe39m60xKtXRddNF+hWG9m1kvf1gnYHd71KRNodFOMH/wsmYnU80GTc0HdoOFg2K8H6L/P0RKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e60e0821142a49f04fb62e51a9fc5242
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bec2ddd02e314c53df55cbebacc572b5"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 08 Jul 2025 13:04:17 GMT

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 9BF0 0
0 174ms
23ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.blogsoestado.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:23 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100176-IAD, cache-fra-etou8220070-FRA

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ Frame C49B 0
0 118ms
26ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7604416171284441&plah=www.blogsoestado.com&aplac=true&bust=31085084

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 43289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 02:33:54 GMT
etag: 2738592464165616
expires: Mon, 22 Jul 2024 02:33:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 0FEF 0
0 147ms
81ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7604416171284441&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1720447216&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.blogsoestado.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=28~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=28_16~31_3~27_14~30_19&aiixl=28_4~31_8~27_3~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720449322424&bpp=90&bdt=1606&idt=521&shv=r20240702&mjsv=m202407020101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4849502519669&frm=20&pv=2&ga_vid=532615815.1720449322&ga_sid=1720449323&ga_hid=1725634784&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44795922%2C95330410%2C95334508%2C95334529%2C95334566%2C95334579%2C31085084%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1821790849756720&tmod=2007188042&uas=0&nvt=1&fsapi=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=703

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 14:35:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 326 B
836 B 1116ms
207ms Fetch
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: s.videos.globo.com
URL: https://s.videos.globo.com/p2/j/api.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

eb540dc1218678bea9d4d2a767e47d1103dbeb9830c56bd52c3054713f0f43a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:24 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.blogsoestado.com
access-control-allow-credentials: true
trace-id: 41c42c7de13d06cc
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 250ms
249ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

59aeb36a340c27b9025ebe4ee3ab3650768349ec5d65c7559465172e7bb3e80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12828
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame 9683 0
0 537ms
66ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaed8a7831d461b2a%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fdanielmatos%2F2024%2F07%2F07%2Fgentil-neto-desponta-na-corrida-eleitoral-em-caxias-com-lideranca-trabalho-a-mostrar-e-popularidade-crescente%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 08 Jul 2024 14:35:24 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389273581404618037"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389273581404618037"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=7696, tp=-1, tpl=-1, uplat=36, ullat=0
x-fb-debug: TS6D3L8cPeOiG4YUmGa37QMURjv1pao1gG/+moZKe1qzre8OP8K1ucuWLJUX4OY5GBfcUWtxuNFPDFHCMCDgFQ==
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame 8D60 0
0 469ms
61ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd33c7cc7fdf945e2%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fmarciohenrique%2F2024%2F07%2F05%2Fdia-mundial-do-chocolate-07-de-julho%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 08 Jul 2024 14:35:24 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389273581934504002"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389273581934504002"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=2894, tp=-1, tpl=-1, uplat=32, ullat=0
x-fb-debug: VNjQjsx2g6nzcxdlwSj4Jd5SsqXqqxTkvtzZ+8FarvDarJ8SwIVtZkE3UQB4i5mn68wodO8RxZPuvutqZwPPEw==
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame 1ADC 0
0 308ms
62ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb4827dc90a80f1c1%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fevandrojunior%2F2024%2F07%2F05%2Fpresidente-da-abih-ma-parabeniza-hotel-por-premio-melhores-destinos-2023-2024%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 08 Jul 2024 14:35:24 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389273582808853599"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389273582808853599"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=5331, tp=-1, tpl=-1, uplat=32, ullat=0
x-fb-debug: jig6qBdmFfrThIDg07CuP1Yl9fyVZhnfTZERzvxGXjGH1jzwiEwJtxm9w9CToEtmQom84wTXKGyEEg9deaUhMw==
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame E4D1 0
0 268ms
64ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8fde0dd39f350ab3%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fflaviobraga%2F2024%2F06%2F21%2Feleicao-2024-dicas-eleitorais-rapidas%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 08 Jul 2024 14:35:24 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389273581088567421"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389273581088567421"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=6120, tp=-1, tpl=-1, uplat=33, ullat=0
x-fb-debug: IJh9Yll+QxK/N6dhnPvQ9Zm5pZkvsbLUZ27oWThGQaYhQztDYCAbFkWkt3Uszq7AJqSrhdkZlAU1a7TgSEbMWA==
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame B65F 0
0 233ms
65ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb09f4c729a5204fd%26domain%3Dwww.blogsoestado.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogsoestado.com%252Ff632908e15ef81c80%26relation%3Dparent.parent&container_width=700&href=https%3A%2F%2Fwww.blogsoestado.com%2Fjoaquimhaickel%2F2024%2F06%2F08%2Ffabrica-de-narrativas-falsas-assola-nosso-pais%2F&layout=button_count&locale=pt_BR&sdk=joey&share=false&size=small&width=81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d6b27b11a414f12b885bc3158c36b71e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 08 Jul 2024 14:35:24 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389273582538086477"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389273582538086477"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=6909, tp=-1, tpl=-1, uplat=33, ullat=0
x-fb-debug: NU6tOA43IqY2A15m002byXYsiB3YzKg958hK6OJaYTeibU4pRppciHyG+T4j61mDkvkRCU460XcgkluMJvfynQ==
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 734ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jul 2024 14:35:24 GMT

GET
H2 200 button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 50ms
49ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:23 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 2620
x-served-by: cache-iad-kjyo7100074-IAD, cache-fra-etou8220152-FRA
last-modified: Mon, 11 Dec 2023 17:19:47 GMT
etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame 833C 0
0 25ms
23ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12714
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:24 GMT
etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220070-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame 369A 0
0 25ms
25ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12714
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:24 GMT
etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220070-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame 32C3 0
0 19ms
19ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12714
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:24 GMT
etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220070-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame A8E2 0
0 13ms
13ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12714
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:24 GMT
etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220070-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
platform.twitter.com/widgets/ Frame DCC6 0
0 8ms
8ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12714
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 14:35:24 GMT
etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220070-FRA

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
115 B 222ms
139ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.blogsoestado.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22pt%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1720449324401%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=27478a3b344ca07525142af3ced4fd34977a4958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 115
date: Mon, 08 Jul 2024 14:35:23 GMT
strict-transport-security: max-age=631138519
last-modified: Mon, 08 Jul 2024 14:35:24 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 696a793b2b63f955
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: e5c4ffee40425671bf76379f84ba6b78e5d4e5d8792d6b37ef2248d27220adf6
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
293 B 221ms
139ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.blogsoestado.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22pt%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1720449324402%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=27478a3b344ca07525142af3ced4fd34977a4958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 115
date: Mon, 08 Jul 2024 14:35:24 GMT
strict-transport-security: max-age=631138519
last-modified: Mon, 08 Jul 2024 14:35:24 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 55c8e2428dd8a777
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: e5c4ffee40425671bf76379f84ba6b78e5d4e5d8792d6b37ef2248d27220adf6
content-length: 43

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/7.104.0/ 2 MB
601 KB 387ms
387ms Script
application/javascript 186.192.83.2
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/7.104.0/player.min.js
Requested by: Host: s.videos.globo.com
URL: https://s.videos.globo.com/p2/j/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.83.2 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-83-2.prt.globo.com
Software: /
Resource Hash: 6dcc53ba8482e1ade72c6e321a8b213c63e1f4766fe2525ec838863aca5d21cc

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:24 GMT
content-encoding: gzip
x-openstack-request-id: tx7e4e7e10d4454e4eb1a7a-006685a74b
last-modified: Wed, 03 Jul 2024 18:58:57 GMT
x-thanos: 0AB14003
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1720033076.000000
content-type: application/javascript
x-timestamp: 1720033136.43694
cache-control: public, max-age=2592000
x-trans-id: tx7e4e7e10d4454e4eb1a7a-006685a74b
x-request-id: bd135de2-eaa8-4e38-b782-9f00f12ceed0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C69A 0
0 124ms
26ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 5315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 13:06:50 GMT
expires: Tue, 08 Jul 2025 13:06:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 57ms
53ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJJSLZ6HX&gtm=45je4730v881579413za200&_p=1720449321012&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=532615815.1720449322&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1720449321&sct=1&seg=1&dl=https%3A%2F%2Fwww.blogsoestado.com%2F&dt=Blogs%20O%20Estado%20-%20Blogs%20O%20Estado.com&en=page_view&_ee=1&_et=554&tfd=7006&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJJSLZ6HX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 14:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blogsoestado.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 415 KB
143 KB 297ms
70ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/7.104.0/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145330
x-xss-protection: 0
expires: Mon, 08 Jul 2024 14:35:28 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 18 B
40 B 220ms
219ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.blogsoestado.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-xss-protection: 0
expires: Mon, 08 Jul 2024 14:35:28 GMT

GET
H3 404 favicon.ico
www.blogsoestado.com/wp-content/uploads/theme/ 234 B
592 B 440ms
438ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blogsoestado.com/wp-content/uploads/theme/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdaabb7ef969d3df33f74cd2747392fff0b275accc2899a449f9114da524bcf5

Request headers

Referer: https://www.blogsoestado.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:35:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FBeE1%2BiPEgF0B7oponAcPOYnfXj58zA4zfKNWOqCUpozhWIUuZ2ZphrguOruKnGIRQyJRygQuqYqNwTGzBIGmbmx0VXhtV4XIbP4xLkotL7%2F95MFj82S1tKxmZh5Y1v9xDgR%2BF97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 8a00cd0e5fa00e48-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imirante.com
URL: https://imirante.com/site/css/rodape.css?ver=1.0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407030101&jk=1821790849756720&bg=!W1ilWBfNAAZ5zPvEWcw7ADQBe5WfOPqzuQgGu4uYPf9Xn6TGaLh34-5UgIds16qI4XMhIuRqkieG6DtmcoStRFaPAsKrAgAAAuJSAAAABGgBB34ANRkK3_ypMnojv1Fozrq3tX5mCWhjaqjI5t7VhEIdcPWe1EnOhsw1YdlKJPzfHO8Mgr7NJUQGmQKvqUhoI3b88xrRg6LZyiQ7BvK_JLS92Nw1taCIWnMJD02bNLTgXc0z7yZXNI3NbV9k7XZ7HqJMIhcmRygPTU5hd3SlFVjKr_7gBopcJxsvyzfbzSgCGLxlKf5hepOjD919DfINUfFiQLeHnKmEkanIP-m48zk04j-w3D6mf7W8me0eLMW8gespXPb9Al9MB5PD_DJCVxGFUcAIMXlhquERD9KZVnt8GG5gRz7cCA-BDY0_ue1Te1PO7LZAJzVMmRo6cpWdkmfKXcxdMcm_7CWumd7-9zBv42KoiW6Z1-A5sKYKAF06pmXfTySbHwq9FOFC74T_7XAgyvF4XRmzBfQ8SlElAzMFF2JnvJvEQKlLfxdB5y7FS7fIKlufXMTuurqXNq4e5afT7qG8UiEcFsc9XgWomRJDw0KK5SodELeGpATusdNb7MWhpOTmYQJgWyYg1wNzJfLhb8ZI_qsg_QXMKQPPtiqZ6xu8hdj6OEbfAy4m_uM03G-8kx67U2XPYF8rDFVzhl0BQ_PqsIQCVj6-4o9nIAtwUPuGLEQuAy4-eB5NfVZdR5AtVGXROQNqXzTJR4DV1d2DTMk_-UmH0yt89ebhrIYnwuYJwzwj_4qfI9-MCrjmRfu4iSr0WErgWGu6SypEF5El8hik0isitlcyprAlPGX_ulF31g1iOT9JWDjdX0uuQpmwY6573ZBp--tNTy3E2KSfumUBBWUrYvKFfUAIupaI7yQvBQQnvxW5eJue-KMWF07V5ePpfGO6BxUILhmjwEUlCPUAKbQFQuIc-WZtaP7-_orGa78nOv1XiWwpg4Agi7QFvFlLO2dYij_xChU6c875oIDJQmr4yRSS2rzn6AJcZtot1GyN9xp-LADjVlx0EZCyYXLwiAfxVyy0oYX6Ho81DQq2mCR4CSBH

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.blogsoestado.com/	1970-01-21 07:30:09	Name: _ga Value: GA1.1.532615815.1720449322
			.blogsoestado.com/	1970-01-21 07:30:09	Name: _ga_WFJJSLZ6HX Value: GS1.1.1720449321.1.1.1720449322.59.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.blogsoestado.com/(Line 40) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.blogsoestado.com/(Line 40) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.blogsoestado.com/wp-content/uploads/theme/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37e662dc9eb2b56b094b27996c048cd8.safeframe.googlesyndication.com
blogsoestado.com
c0.wp.com
connect.facebook.net
globo-ab.globo.com
imasdk.googleapis.com
imirante.com
pagead2.googlesyndication.com
pixel.wp.com
platform.twitter.com
region1.analytics.google.com
s.videos.globo.com
s3.glbimg.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
syndication.twitter.com
tpc.googlesyndication.com
www.blogsoestado.com
www.facebook.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
imirante.com
pagead2.googlesyndication.com
104.244.42.200
142.250.184.226
146.75.120.157
172.217.18.2
186.192.83.2
186.192.91.5
188.114.97.3
192.0.76.3
192.0.77.37
2.19.225.248
2001:4860:4802:32::36
216.239.34.36
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.95.229.88
07722eaa8d7874ab00a2346f2e14db34c2590a26a4ad8694a899d1b6f13667f8
0af219a6435d92d7802a1f83d224cf956c3d72ee848ea0fed48d3d05ff5f82a2
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1dc58c04b2150630676617e5a6eaf0e98a24b5f881f061b6f377446ef4d694e6
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d52ecd3aeb90c0ee0810a905c7616d55d50dd5a224ea80c8e1fa04a82e10805
3de9e4492916d53889deaa9bc41ebf1d859901093b840fdb9cfef40b0cce1df4
4033a5cb7aa64c36333415e3b9645a8d1da6a5d039839e6dc27754ee40de2eb8
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
43dc9a084d766a33fb3d8171adf0157ee5cf39d883cc89f6ca503f66dd96aed0
4a278b1bf27b39e1d9d74b5249a231ce4ad93da39b9a1bbf480e15eb772662dc
59aeb36a340c27b9025ebe4ee3ab3650768349ec5d65c7559465172e7bb3e80b
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6dcc53ba8482e1ade72c6e321a8b213c63e1f4766fe2525ec838863aca5d21cc
6f7f4bb2e5ef1ba57eb3eae68907a29e3a09cf556d6953df7cd19d414dcfc431
70cae4e49c8e06e2d7a4f8c5febf57cd9bfb39c46f4d8c3ec781b19e15c3e560
72d1f360c631670aac81a4fb8853d061eeb4684a1eb97783e6c0f5593299e82f
780410baef5e20255d57e09864240e8ca88259780e86d45d73cc17413a9c987a
80b2294f5634faeb719217ee52a7a8604e933fa500fe143beb302910735243dd
835a75335a462268cf4f761858ae5fbfe3d141d12a9b9e7eb3603a040aba0612
890b62457d54a01a392f8dd459b2ff1b0528f645d620e409467acc06e46ce3f0
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a88436db63680f430eccf37fb88a20a0948a5bce5cd1c611010bb7969391fdac
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bd3e6639779ada8b89e229375572041b44dc7fc09f209846d3038a6bb662f156
bd9c74f789f1398a06539f15a428b36ebb2124355464a6f6fbdbc40622701a86
be547db4f17c7c82b746e05da02e810c75ff94f331d5eb3ac5e62efb88c174f9
c5b007c4068b3262fb89275645672b309360a215ddf58bdc23895c7c7ee29fce
d154e5211148eae6a6873878c722a1757e2587ec2cbf03f97ff1c6c862552d65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb540dc1218678bea9d4d2a767e47d1103dbeb9830c56bd52c3054713f0f43a6
ecb44285ebc01fe986818956dfde5513764f61dd553d9872a7e40fa87ea790ff
edefd17c43581a3c87b1ce66020d1cd4125da2aa9e5959a613d6585fb897a111
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f80a3ca14f52c6c00a5755be6512ec2fd4e2649c046528a6daca828c51e5c29a
f8ed2e4e6bc7d75dc8dab7d97ad92e7a611d82ff93d8692535fa9466ab3a3591
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075
fdaabb7ef969d3df33f74cd2747392fff0b275accc2899a449f9114da524bcf5
fe2513966b7ff7da79de63356a7ea17d8ccfdc77388cdba7152cea9aa5041945

www.blogsoestado.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

45 %IPv6

16 Domains

24 Subdomains

23 IPs

5 Countries

1751 kBTransfer

5136 kBSize

2 Cookies

27 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blogsoestado.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

45 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

1751 kB
Transfer

5136 kB
Size

2
Cookies

72 HTTP transactions
0 data transactions