www.desenhar.org Open in urlscan Pro
143.110.146.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.desenhar.org/bt21/
Effective URL:
https://www.desenhar.org/bt21/
Submission: On January 22 via api (January 22nd 2024, 2:56:28 am UTC) from US — Scanned from US

Summary HTTP 120 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 25 domains to perform 120 HTTP transactions. The main IP is 143.110.146.76, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.desenhar.org.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.

This is the only time www.desenhar.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	143.110.146.76 143.110.146.76	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:afb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::65	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
2	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	23.62.104.246 23.62.104.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4004:c08::67	15169 (GOOGLE) (GOOGLE)
2 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.254.148.251 104.254.148.251	29990 (ASN-APPNEX) (ASN-APPNEX)
3	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	184.86.146.172 184.86.146.172	16625 (AKAMAI-AS) (AKAMAI-AS)
7	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	202.233.84.1 202.233.84.1	() ()
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2 2	5.161.92.137 5.161.92.137	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	104.126.118.200 104.126.118.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
2	2a03:2880:f08... 2a03:2880:f082:108:face:b00c:0:3	() ()
120	25

27 143.110.146.76 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1076811.cloudwaysapps.com

www.desenhar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:afb2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.coloringall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.104.246 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-104-246.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::67 (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

lax1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.86.146.172 (Minneapolis, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, ) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (None, )

ASN- ()

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.161.92.137 (United States) 2 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.137.92.161.5.clients.your-server.de

sync-dmp.mobtrakk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.200 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-118-200.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f082:108:face:b00c:0:3 (None, )

ASN- ()

scontent-ord5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	394 KB
27	desenhar.org 1 redirects www.desenhar.org	902 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	136 KB
10	fbcdn.net static.xx.fbcdn.net scontent-ord5-2.xx.fbcdn.net	185 KB
7	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1783 lax1-ib.adnxs.com — Cisco Umbrella Rank: 2553 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1419	58 KB
6	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 53	25 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	24 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	261 KB
4	gstatic.com www.gstatic.com	32 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	mobtrakk.com 2 redirects sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2235	660 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1778	2 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4271	64 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	175 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	86 KB
1	facebook.com www.facebook.com	16 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	1 KB
1	microad.jp aid.send.microad.jp	641 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	553 B
1	linkedin.com 1 redirects px.ads.linkedin.com	645 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	255 B
1	coloringall.com static.coloringall.com — Cisco Umbrella Rank: 424594	732 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	91 KB
120	25

	Domain	Requested by
27	www.desenhar.org	1 redirects www.desenhar.org
17	tpc.googlesyndication.com	googleads.g.doubleclick.net www.desenhar.org pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	www.desenhar.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.bing.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	www.desenhar.org googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	www.desenhar.org googleads.g.doubleclick.net
3	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	scontent-ord5-2.xx.fbcdn.net	www.facebook.com
2	sync-dmp.mobtrakk.com	2 redirects
2	c1.adform.net	2 redirects
2	px.owneriq.net	2 redirects
2	lax1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
2	cdn.adnxs.com	www.desenhar.org googleads.g.doubleclick.net
2	adsdk.microsoft.com	www.desenhar.org googleads.g.doubleclick.net
2	connect.facebook.net	www.desenhar.org connect.facebook.net
2	code.jquery.com	www.desenhar.org
2	cdnjs.cloudflare.com	www.desenhar.org cdnjs.cloudflare.com
1	www.facebook.com	connect.facebook.net
1	analytics.pangle-ads.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	static.coloringall.com	www.desenhar.org
1	ajax.googleapis.com	www.desenhar.org
1	www.googletagmanager.com	www.desenhar.org
120	31

This site contains links to these domains. Also see Links.

Domain
www.pinterest.pt
www.instagram.com
www.tiktok.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
desenhar.org R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
coloringall.com GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.desenhar.org/bt21/
Frame ID: 461FC0C690ADD3594B75B29E1FB8061D
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 658D21369BAF5C3A4A77664C4E24E69F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&adk=1812271804&adf=3025194257&lmt=1705835908&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892182301&bpp=6&bdt=483&idt=254&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6105443968331&frm=20&pv=2&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: E4F317E123FD74996B94F47824E10136
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Frame ID: C8FFB5651B328E31D821150049FFEA3A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FA81DF01B3B510FBD4F69DB1C3FA3B86
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D97132E32AC1D9B27DA7CFF97B27DD07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 91D3E33C70246EC7B0F7B5C07298F630
Requests: 8 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: F4EF19ED194A5D58DF16FA1734115D67
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: C94CC423F58EECD74813FC44D316126C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C102674E16FAAD2D262E55AE9F2880A4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 2C5A73071F406E6A01985489DB59142A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 58FE2CCF7194E4430AF317F0ECB32C46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2D5B633BB2BE89F04ED5533D20705AE8
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v15.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1262e969a8123%26domain%3Dwww.desenhar.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.desenhar.org%252Ff8cc05ddce09c%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwebdeshenhar%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=360
Frame ID: B3E1447E458D7E05855D8C766130D8A9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 238224363DB6861F9C8AD25C7DEFA6D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3ED090F6ABF4FA246FDC32D9FDB32D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Desenhos de BT21 - Como desenhar BT21 passo a passo

Page URL History Show full URLs

http://www.desenhar.org/bt21/ HTTP 301
https://www.desenhar.org/bt21/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

120
Requests

93 %
HTTPS

63 %
IPv6

25
Domains

31
Subdomains

25
IPs

2
Countries

2539 kB
Transfer

6106 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinterest.pt/onlinedesenhar/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/desenhar.org123/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@desenhar.org123

Search URL Search Domain Scan URL

URL: https://twitter.com/onlinedesenhar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCz0Gs3R4GYS9GzW6O7r-znw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.desenhar.org/bt21/ HTTP 301
https://www.desenhar.org/bt21/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57ad9540-390d-4b4f-b83b-4ece01c34181&bidId=2&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26d57ae1-c7e9-4c57-a360-eaead9df5ac5&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_2-1-0%3F%26RG%3Df5ba3ea2dc734146a1414e44f82a21d4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erirefrhzf&aid=5250803511492167678 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=f5ba3ea2dc734146a1414e44f82a21d4&SNR=1&GV=2&med=10

Request Chain 82

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8e166f0f-a6d6-445e-ba86-63c3045d043e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a4f817a7-bf5d-49f5-8345-e6c1494c5703&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2816-0%29%3F%26RG%3D2bb1517500974c128ae1d6b19d50c3d8%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=1202124022292872372 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=2bb1517500974c128ae1d6b19d50c3d8&SNR=1&GV=2&med=10

Request Chain 93

https://px.owneriq.net/ecmg?google_gid=CAESEARoIQ8H9HwH1bcar5OrGkk&google_cver=1&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w%26google_cver%3d1%26google_gid%3dCAESEARoIQ8H9HwH1bcar5OrGkk%26google_hm%3dUTc1OTE3ODU4NDExNDAyMTMzMTU%3d&uid=Q7591785841140213315&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w&google_cver=1&google_gid=CAESEARoIQ8H9HwH1bcar5OrGkk&google_hm=UTc1OTE3ODU4NDExNDAyMTMzMTU=

Request Chain 94

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDckcfX2EPkOWWJyarWsVlE&google_cver=1&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWvz90l2lPFiyayv36Z84PvEd3rDU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWvz90l2lPFiyayv36Z84PvEd3rDU

Request Chain 95

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN8-t-z5GmSlVXNqVweg0Xg&google_cver=1&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAPLv4Zgmy8Y1IH0Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sIN1enKuQCE9sfQ_EZtR8g&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAPLv4Zgmy8Y1IH0Q

Request Chain 97

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMKGhje_-MWmdWnDP3jqFQE&google_cver=1&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLXQHEC8KohazLQeaKyFM0tWBI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMKGhje_-MWmdWnDP3jqFQE&google_cver=1&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLXQHEC8KohazLQeaKyFM0tWBI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzNDQwNzQwNzIyMzgzMzk0NA&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLXQHEC8KohazLQeaKyFM0tWBI

Request Chain 98

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECAJ1OE1AGQxW-L3wNQLbxk&google_cver=1&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc3P3vWQQm HTTP 302
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECAJ1OE1AGQxW-L3wNQLbxk&google_cver=1&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc3P3vWQQm&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDk3NmU3NGU3ZjliMGU2ZQ&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc3P3vWQQm

Request Chain 99

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEEOs1I-nEJ6dTy3IsdpThkg&google_cver=1&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHXFIGUNuwnaxz6jgEMExfTtLE0DTdtdsNmuyFTW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHXFIGUNuwnaxz6jgEMExfTtLE0DTdtdsNmuyFTW

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.desenhar.org/bt21/
Redirect Chain

http://www.desenhar.org/bt21/
https://www.desenhar.org/bt21/

69 KB
11 KB

350ms
169ms

Document
text/html

143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 524ca2ed687fbeb5b25657d278b6043cc3e0f90f988a59c35fd398277a57662b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DE
content-encoding: gzip
content-length: 11081
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 02:56:21 GMT
expires: Mon, 22 Jan 2024 02:56:21 GMT
last-modified: Sun, 21 Jan 2024 11:18:28 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 22 Jan 2024 02:56:21 GMT
Location: https://www.desenhar.org/bt21/
Server: nginx

GET
H2 200 style.css
www.desenhar.org/wp-content/themes/color247/css/ 17 KB
4 KB 100ms
85ms Stylesheet
text/css 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-content/themes/color247/css/style.css
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 7f24bfb69cd661d97b5d6c5ffba4178540b213650f671ee108d6d7826a057f76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 09:34:24 GMT
server: nginx
etag: W/"63a03020-44d2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 styl-btn.css
www.desenhar.org/wp-content/themes/color247/css/ 17 KB
3 KB 101ms
86ms Stylesheet
text/css 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-content/themes/color247/css/styl-btn.css
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 04058346a337f1d8f31b64c77dc60f7cf9a9d69aefd9d4dd34e5675bb6fc96ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 07:34:04 GMT
server: nginx
etag: W/"611cb7ec-44cf"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.desenhar.org/wp-content/themes/color247/playonline/ 12 KB
3 KB 101ms
86ms Stylesheet
text/css 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-content/themes/color247/playonline/style.css
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: d4e3347b320d531d56433df3084ab6a2e308fef4577e22392d0e6034b863f7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 02:52:21 GMT
server: nginx
etag: W/"611b2465-3023"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 112ms
35ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5174202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkWHt6eX57%2FAxj25HOUJRT7FBl7eCbcTtHHMIyBdidH97wLJAmAQ4sNc6ZwLxNBwJRxSAy588j2%2Bth1FCkZ5uZWo6PqecciCfQPf1BqWMrYzhbYiB164nxuP7STG8yMFroA4plT0g26%2BRRqucDXw%2Bs8z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 849485f8ed194bc6-BUF
expires: Sat, 11 Jan 2025 02:56:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 761 B
791 B 117ms
40ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 02:26:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 02:56:21 GMT

GET
H2 200 jquery-2.0.2.js Show response
code.jquery.com/ 237 KB
70 KB 162ms
85ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.0.2.js
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2ed0720108a75db0d53248ba8e36332658064c4189714d16c0f117efb42016d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6457795
x-cache: HIT, HIT
content-length: 71727
x-served-by: cache-lga21931-LGA, cache-nyc-kteb1890038-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705892182.913739,VS0,VE1
etag: W/"28feccc0-3b4e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 7943, 1

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.10.3/ 426 KB
105 KB 107ms
30ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/jquery-ui.js
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11089976
x-cache: HIT, HIT
content-length: 106766
x-served-by: cache-lga21962-LGA, cache-nyc-kteb1890038-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705892182.913846,VS0,VE0
etag: W/"28feccc0-6a684"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6184, 17

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 138ms
51ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-THR1926RHL

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c1346adf0f5eb90ee357b5c0720ac811be1d9b7a0af4188c80e1996d44241a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 02:56:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 148ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

404c2268cfacc0769c88dd9ead7e81a08d65db4d1416e3c0cedf735da201ba9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Origin: https://www.desenhar.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51165
x-xss-protection: 0
server: cafe
etag: 6170183825922401531
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 02:56:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
3 KB 114ms
33ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d27c719f65d1c40e7b64fd1b4b2758a03cac91de3182675d3dd004e6419b7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.desenhar.org/
Origin: https://www.desenhar.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 02:56:22 GMT
content-md5: RybeaZfojA+hXyHuhBnIiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: Wd+ULOSZsT8c4XzrMDrk1l0r65XwgCpNuAhk4YG4oyfvLqmxauiFArb6CS9v4RvgDeofLaCvskqpAO9rbRm6Kw==
x-fb-content-md5: 775d07fdbfd7a4977008347173f75c01
cross-origin-opener-policy: same-origin-allow-popups
etag: "5d73ee5296b51bf7347892540bb958ee"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:00:50 GMT

GET
H2 200 style.min.css
www.desenhar.org/wp-includes/css/dist/block-library/ 107 KB
14 KB 103ms
88ms Stylesheet
text/css 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 21:11:46 GMT
server: nginx
etag: W/"654aa812-1add3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 logo.png
www.desenhar.org/wp-content/themes/color247/img/ 13 KB
13 KB 187ms
173ms Image
image/png 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/themes/color247/img/logo.png
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: f4928427635a4ea5b55f3fd321403c6743f784427f95b3d967868419b10c52a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
last-modified: Thu, 14 Oct 2021 10:10:22 GMT
server: nginx
etag: "6168020e-351b"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13595

GET
H2 200 desenhar-bt21-mang-passo-7.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 20 KB
20 KB 175ms
171ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-7.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 81bb1e1efc8154ff46fc11f091335e4e3f540b1e68da6e3498b34cc94381435e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
last-modified: Sat, 06 Nov 2021 09:04:26 GMT
server: nginx
etag: "6186451a-4f57"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20311

GET
H2 200 desenhar-bt21-mang-passo-1.png
www.desenhar.org/wp-content/uploads/2021/11/ 34 KB
34 KB 177ms
174ms Image
image/png 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-1.png
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 5d2cafd625327732acea42aaaf099721a2dc2228a547cfb0d1e93ac894c45ba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:21 GMT
last-modified: Sat, 06 Nov 2021 03:33:38 GMT
server: nginx
etag: "6185f792-8863"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34915

GET
H2 200 desenhar-bt21-mang-passo-2.png
www.desenhar.org/wp-content/uploads/2021/11/ 38 KB
38 KB 90ms
85ms Image
image/png 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-2.png
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: be6aeaa50cf6ef91249e192a7bc47366d7b7677a5947c375466129f9d8ea82fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 03:33:49 GMT
server: nginx
etag: "6185f79d-98d3"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39123

GET
H2 200 Como-Desenhar-Cicatriz-Passo-9.jpg
www.desenhar.org/wp-content/uploads/2023/11/ 38 KB
38 KB 91ms
87ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/11/Como-Desenhar-Cicatriz-Passo-9.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: f2511b529e5f19582e7117c25089d4df21fbf7a0d19d4f92cf5fec98f524c68a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Fri, 03 Nov 2023 17:14:24 GMT
server: nginx
etag: "65452a70-98cc"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39116

GET
H2 200 Como-Desenhar-Moana-Passo-9.jpg
www.desenhar.org/wp-content/uploads/2023/11/ 31 KB
32 KB 117ms
114ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/11/Como-Desenhar-Moana-Passo-9.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: ad8add280826a47942dd0271e65f255a8caa33f428adb0015e37fbad40844aa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Fri, 03 Nov 2023 09:21:45 GMT
server: nginx
etag: "6544bba9-7d50"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32080

GET
H2 200 Como-desenhar-Hatsune-Miku-Passo-8-5.jpg
www.desenhar.org/wp-content/uploads/2023/11/ 60 KB
60 KB 117ms
114ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/11/Como-desenhar-Hatsune-Miku-Passo-8-5.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 4cf9d4d7e83ac41086004fe732d063b7efeaeb40bad2a8ac18ce9a52ad88c646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Wed, 01 Nov 2023 03:10:00 GMT
server: nginx
etag: "6541c188-ef67"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 61287

GET
H2 200 Como-desenhar-Cruella-de-Vil-Passo-9.jpg
www.desenhar.org/wp-content/uploads/2023/10/ 23 KB
23 KB 151ms
148ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/10/Como-desenhar-Cruella-de-Vil-Passo-9.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 0500fe0de4ddfbe3292746b58c6835460acc323dd06b27e4cb83462b1a04a9fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Tue, 31 Oct 2023 01:44:30 GMT
server: nginx
etag: "65405bfe-5cce"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23758

GET
H2 200 Como-desenhar-Kanao-Tsuyuri-Passo-11.jpg
www.desenhar.org/wp-content/uploads/2023/10/ 56 KB
56 KB 155ms
153ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/10/Como-desenhar-Kanao-Tsuyuri-Passo-11.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: c8bb9e721a6ae06885464c9cf52d0f1bd38cdc299186f5c34551b062d398c865

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Fri, 27 Oct 2023 09:33:07 GMT
server: nginx
etag: "653b83d3-de00"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56832

GET
H2 200 Como-desenhar-Splatoon-Passo-7-2.jpg
www.desenhar.org/wp-content/uploads/2023/10/ 37 KB
37 KB 155ms
153ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2023/10/Como-desenhar-Splatoon-Passo-7-2.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: b88fb68fa5fda5017023b73881998023f4db25e2a4ebeb6eea72de05cc89a1bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Tue, 24 Oct 2023 08:29:32 GMT
server: nginx
etag: "6537806c-921a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37402

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
20 KB 113ms
32ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 02:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19926
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 02:40:00 GMT

GET
H2 200 print.css
www.desenhar.org/wp-content/themes/color247/playonline/ 516 B
482 B 155ms
154ms Stylesheet
text/css 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-content/themes/color247/playonline/print.css
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 73bdd3859d48db24b70c62a4e7853e994f2c9a3e22aaef03c9456432204b5411

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 02:08:02 GMT
server: nginx
etag: W/"611b1a02-204"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 search.svg
static.coloringall.com/ 286 B
732 B 118ms
34ms Image
image/svg+xml 2606:4700:3031::ac43:afb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coloringall.com/search.svg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/wp-content/themes/color247/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:afb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 145642f5de03f0693383de962b641ebff01538c430906e731d6ea6bf4e723fd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jan 2020 10:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 456682
etag: W/"5e2acbf5-11e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMZZRQJugy0F%2BAjMtWaaCAuNpnyvUSIfuA7Z0ChnwnUNYyZCA%2BS4l3e%2BoMv0S7v6tgAkecsBY3%2FvG7h86MKceTbOW7HDa60vCcbDPjTm1NsX5sLKThWqjz9vmtEZBZYf9rnpqR%2FVvaDv3RI1LquqEPUC8asE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 849485fa59ec6aee-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 98ms
41ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.desenhar.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5242289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOTBDjas6g8GbceKxqOSs13hj5lmT5XmtWF%2FeJ98hlKHfkVVQ2%2FsMICGqk2mZhLFg1ETNzie69ywzmkg4uL6EW%2FxQ6WABovKO8i%2FfU%2FCHPwJuPDF5SozWr4DqlSN2Dvyucp3Wl0FgnaL%2BUFKk185iAH7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 849485fa3daa4bc6-BUF
expires: Sat, 11 Jan 2025 02:56:22 GMT

GET
H2 200 desenhar-bt21-cookie-passo-8.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 170 KB
170 KB 159ms
152ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-cookie-passo-8.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 71de9bfb4228fadfa74d34b923f7c6d93764473c4a9f7648bd91a31888fad367

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:07:30 GMT
server: nginx
etag: "618645d2-2a65e"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 173662

GET
H2 200 desenhar-bt21-chimmy-etape-7.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 9 KB
9 KB 215ms
209ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-chimmy-etape-7.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: e42a001cb27316ca44a7ad4fb682f41a060a758ca047b84b9c5dece3728ae7e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:09:56 GMT
server: nginx
etag: "61864664-246b"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9323

GET
H2 200 desenhar-bt21-koya-passo-8.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 82 KB
82 KB 215ms
209ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-koya-passo-8.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 4d59a5c96dd5fc785a17b0a9883d99601a815f1ba059d92b9ec0fe86234bcfb4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:11:05 GMT
server: nginx
etag: "618646a9-14901"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84225

GET
H2 200 desenhar-bt21-tata-passo-6.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 64 KB
64 KB 216ms
210ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-tata-passo-6.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: a991f73243cad4e0bdc749dd8661b74bc315dd538e59512adeddec7737a1b449

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:12:14 GMT
server: nginx
etag: "618646ee-ff96"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 65430

GET
H2 200 dessin-bt21-van-etape-6.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 77 KB
78 KB 216ms
210ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/dessin-bt21-van-etape-6.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 1782b6d3a9dd312fbd6de10d6f9afdb827ff411204522f8bafb23eb67e418da5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:13:28 GMT
server: nginx
etag: "61864738-135b6"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 79286

GET
H2 200 desenhar-bt21-shooky-passo-4.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 9 KB
9 KB 216ms
211ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-shooky-passo-4.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: f81eafbc50cadf8884fa5b3c8880939d116ab94fe83f84678eab3e413d9b7259

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:14:25 GMT
server: nginx
etag: "61864771-246a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9322

GET
H2 200 desenhar-bt21-rj-passo-7.jpg
www.desenhar.org/wp-content/uploads/2021/11/ 9 KB
9 KB 216ms
211ms Image
image/jpeg 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-rj-passo-7.jpg
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: d2e26bcb6bb80eb4af764de72acd7deb50d263792774c86c7a821c1cad296825

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 09:15:28 GMT
server: nginx
etag: "618647b0-2479"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9337

GET
H2 200 desenhar-bt21-mang-passo-2b.png
www.desenhar.org/wp-content/uploads/2021/11/ 42 KB
43 KB 216ms
212ms Image
image/png 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-2b.png
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 53f6820b002d81f2e86ba985e0ba50a20686c22a853b0180d4564f8fdb8e1895

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 03:33:59 GMT
server: nginx
etag: "6185f7a7-a994"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43412

GET
H2 200 desenhar-bt21-mang-passo-3.png
www.desenhar.org/wp-content/uploads/2021/11/ 45 KB
45 KB 216ms
212ms Image
image/png 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-3.png
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 1afe50b20b77b9bc508a16806b17971741c66c5d3d603ea902993a3b7e0767e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
last-modified: Sat, 06 Nov 2021 03:35:23 GMT
server: nginx
etag: "6185f7fb-b27f"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45695

GET
BLOB 200
OK f78d3056-f36c-494e-81b5-c83604cf0823
https://www.desenhar.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.desenhar.org/f78d3056-f36c-494e-81b5-c83604cf0823
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 303 KB
87 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=1c3a932bfa81606838cbcdccc0b244fc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0b482e640f6006fb7f3ae089c37266dd6d26198ffdd58ee52d51c13d333f0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.desenhar.org/
Origin: https://www.desenhar.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 02:56:22 GMT
content-md5: fumlk9bJDoEHWpN9lTeQNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88522
reporting-endpoints
x-fb-debug: 60RyGhT+YMwLmVHMZ8ucpzncFpRdqUOCaMCAIGY+CGjQOqxtzL/ypL6JqBKCMdIkmghizx+zN9jnCJwTuitMSA==
x-fb-content-md5: bfe45a05be098339c493aa303e696671
cross-origin-opener-policy: same-origin-allow-popups
etag: "50e74befe4ef379d4afbe0aad9b138c3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 21 Jan 2025 02:08:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.desenhar.org/wp-includes/js/ 18 KB
5 KB 149ms
136ms Script
application/javascript 143.110.146.76
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.desenhar.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1076811.cloudwaysapps.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/bt21/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: gzip
last-modified: Sat, 05 Aug 2023 02:16:55 GMT
server: nginx
etag: W/"64cdb117-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 402 KB
136 KB 164ms
99ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e77a0e44b6fce02be41bd1a8a5c205596573cfa4efde0e0efc931e473212a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139566
x-xss-protection: 0
server: cafe
etag: 5188938632230409121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 658D 9 KB
4 KB 102ms
31ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 33811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:32:51 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 17:32:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 112ms
42ms Ping
text/plain 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-THR1926RHL&gtm=45je41h0v9128828230&_p=1705892182023&gcd=11l1l1l1l1&dma=0&cid=1022164676.1705892182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705892182&sct=1&seg=0&dl=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&dt=Desenhos%20de%20BT21%20-%20Como%20desenhar%20BT21%20passo%20a%20passo&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1172
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THR1926RHL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desenhar.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4F3 449 KB
98 KB 494ms
478ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&adk=1812271804&adf=3025194257&lmt=1705835908&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892182301&bpp=6&bdt=483&idt=254&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6105443968331&frm=20&pv=2&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8eb72b43c1240e83fcc97fddd2365b2fb35d045f82211aff9b8d96818aafd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 100543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:23 GMT
expires: Mon, 22 Jan 2024 02:56:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 100ms
93ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=bttop&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 161 KB
55 KB 60ms
58ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/reactive_library_fy2021.js?bust=31080557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

730bf2c12f90e78d53b2dc9f2b16e6ec862c7f46df20425fe0b0c6a02f32b07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56320
x-xss-protection: 0
server: cafe
etag: 9983978064141640465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8FF 48 KB
19 KB 369ms
368ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7a2be170a44ae0f3250f37eb1b118ec1a308f8ce0bd3b5943220896ef7499e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:23 GMT
expires: Mon, 22 Jan 2024 02:56:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame FA81 9 KB
4 KB 33ms
31ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 34686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:18:17 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 17:18:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame D971 9 KB
4 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 34686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:18:17 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 17:18:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 91D3 9 KB
4 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 34686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:18:17 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 17:18:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame FA81 4 KB
767 B 41ms
40ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 01:24:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FA81 205 B
295 B 109ms
31ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:29:44 GMT
x-content-type-options: nosniff
age: 26799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 Jan 2025 19:29:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FA81 604 B
1 KB 108ms
30ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:27:57 GMT
x-content-type-options: nosniff
age: 1706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Jan 2025 02:27:57 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame FA81 16 KB
7 KB 129ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:12:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame FA81 22 KB
9 KB 132ms
35ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:07:15 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F4EF 94 KB
32 KB 148ms
34ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/790C) /
Resource Hash: b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
content-md5: tLIyQJPl0bhnQiedbHYi6g==
age: 288256
x-cache: HIT
content-length: 32320
x-ms-lease-status: unlocked
last-modified: Mon, 08 Jan 2024 14:46:22 GMT
server: ECAcc (nya/790C)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fc29bb33-a01e-0081-643f-4a5773000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame F4EF 80 KB
27 KB 150ms
36ms Script
application/x-javascript 23.62.104.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.104.246 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-104-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 02:56:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 21 Jan 2025 02:56:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F4EF 3 KB
1 KB 107ms
80ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:44:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F4EF 20 KB
8 KB 90ms
64ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:12:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4EF 206 KB
66 KB 122ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 91D3 18 KB
1 KB 42ms
41ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 01:10:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 91D3 2 KB
903 B 75ms
70ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:04:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 91D3 23 KB
9 KB 76ms
72ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:23:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 91D3 3 KB
1 KB 74ms
71ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:44:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 91D3 20 KB
8 KB 43ms
41ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:12:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91D3 206 KB
65 KB 157ms
88ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 91D3 37 KB
15 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C94C 11 KB
1 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 02:40:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C94C 2 KB
856 B 51ms
41ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:04:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C94C 23 KB
9 KB 46ms
37ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:23:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C102 143 B
166 B 66ms
57ms Document
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:18:29 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C94C 3 KB
1 KB 50ms
41ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:44:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C94C 20 KB
8 KB 39ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:12:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C94C 206 KB
65 KB 192ms
172ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame C94C 37 KB
15 KB 38ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame C8FF 94 KB
32 KB 91ms
26ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/790C) /
Resource Hash: b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
content-md5: tLIyQJPl0bhnQiedbHYi6g==
age: 288256
x-cache: HIT
content-length: 32320
x-ms-lease-status: unlocked
last-modified: Mon, 08 Jan 2024 14:46:22 GMT
server: ECAcc (nya/790C)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fc29bb33-a01e-0081-643f-4a5773000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame C8FF 80 KB
27 KB 77ms
40ms Script
application/x-javascript 23.62.104.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.104.246 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-104-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 02:56:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 21 Jan 2025 02:56:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C8FF 3 KB
1 KB 80ms
44ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:44:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C8FF 20 KB
8 KB 81ms
44ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 16:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C8FF 0
0 169ms
42ms Image
text/html 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCrWdeXOmevksuhxS5jHRu4GuRi-WlYxXBJkON5nmThfBjwI60abzfCZ2vNreZGIaHYUuNNRQPRdcX_oPrDxbahgkmEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8FF 206 KB
65 KB 95ms
32ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 02:56:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C102
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
55ms

Document
text/html

2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:24 GMT
expires: Mon, 22 Jan 2024 02:56:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame F4EF
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57ad9540-390d-4b4f-b83b-4ece01c34181&bidId=2&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26d57ae1-c7e9-4c57-a36...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=f5ba3ea2dc734146a1414e44f82a21d4&SNR=1&GV=2&med=10

0
316 B

48ms
46ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=f5ba3ea2dc734146a1414e44f82a21d4&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 744C1A323C664550B32D89FD3C345251 Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:24Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 22 Jan 2024 02:56:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B844E603D034F908350E359E9D4A6FA Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=f5ba3ea2dc734146a1414e44f82a21d4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 150
expires: 0

GET
H2 200 th
www.bing.com/ Frame F4EF 5 KB
5 KB 150ms
35ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OAIP.313e9b627e0a56f1e22287039d62d585&pid=AdsNative&c=3&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b68b2d2955b8d0b7758135957de03a758c953ceb8d563be56342ce6270b17e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CA7E087CD334B95AB522A0AAC415F8C Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:23Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4922

GET
H2 200 rd_log Show response
lax1-ib.adnxs.com/ Frame F4EF 0
530 B 296ms
83ms Script
text/html 104.254.148.251
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.desenhar.org%2Fbt21&e=wqT_3QLyA-jyAQAAAwDWAAUBCNayt60GEP6P9b6Uv6bvSBgAKjYJzJwe0m2lmj8RZhJIiHv3mT8ZAAAAwMzM-D8hZg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4gdwFgAEBigEDVVNEkgUG9AUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh1odHRwczovL3d3dy5kZXNlbmhhci5vcmcvYnQyMYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWtu_bMuIqpqVnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWR0wX6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAABE8gAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHgdwF0gcNCQEiAQEBJgzaBwYIBQmg4AcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=5f28a7c87656e3f75a6772bb30cc49b54f637026&bdref=https%3A%2F%2Fwww.desenhar.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.desenhar.org%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-7359740774757976%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D2,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
an-x-request-uuid: 93c2c33b-3a83-479a-8812-2210da35e824
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame C8FF
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8e166f0f-a6d6-445e-ba86-63c3045d043e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a4f817a7-bf5d-49f5-834...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=2bb1517500974c128ae1d6b19d50c3d8&SNR=1&GV=2&med=10

0
184 B

49ms
48ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=2bb1517500974c128ae1d6b19d50c3d8&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C3B827D62154208AE7DC50FAC8703D2 Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:24Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 22 Jan 2024 02:56:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4EF48F50456242E4852ADFFFA5F74242 Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:24Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=2bb1517500974c128ae1d6b19d50c3d8&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 156
expires: 0

GET
H2 200 th
www.bing.com/ Frame C8FF 18 KB
18 KB 33ms
33ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8177682881020_1NX9Q1TVK4BOIHBVXX&pid=21.2&c=16&roil=0&roit=0.0027&roir=1&roib=0.9918&w=320&h=166&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ce64249777e2153f3295d471b6b7b16fa8f60ee41e5bd11154d71b1fad2cc11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:23 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 728C96FF71504FD283DA036BCFC15D42 Ref B: NYCEDGE1408 Ref C: 2024-01-22T02:56:24Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18386

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame C8FF 0
529 B 133ms
14ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.desenhar.org%2Fbt21&e=wqT_3QLyA-jyAQAAAwDWAAUBCNeyt60GELT56-XdrbPXEBgAKjYJ9CZUIT6hlT8Ry96GAgsUlT8ZAAAAgOtRCkAhyw0SACkRJAAxCRu4yD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR498sDgAEBigEDVVNEkgEBBvQFAZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIdaHR0cHM6Ly93d3cuZGVzZW5oYXIub3JnL2J0MjGAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF7Y3ZxaDv4ZZrwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFmfhb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAARPIAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB_fLA9IHDQkBIgEBASYM2gcGCAUJoOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=a6c98d7052d2ed15e38f0322ba51c8609264987c&bdref=https%3A%2F%2Fwww.desenhar.org%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.desenhar.org%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7359740774757976%26output%3Dhtml%26h%3D250%26adk%3D1228161465%26adf%3D3432105094%26pi%3Dt.aa~a.2824325739~rp.4%26w%3D320%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705835908%26rafmt%3D1%26to%3Dqs%26pwprc%3D1746676328%26format%3D320x250%26url%3Dhttps%253A%252F%252Fwww.desenhar.org%252Fbt21%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705892183346%26bpp%3D3%26bdt%3D1528%26idt%3D3%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D6105443968331%26frm%3D20%26pv%3D1%26ga_vid%3D1022164676.1705892182%26ga_sid%3D1705892183%26ga_hid%3D266350043%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1095%26ady%3D2202%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C44759837%252C42532523%252C31080557%252C95320893%252C95321626%252C95322164%26oid%3D2%26pvsid%3D1818276892040496%26tmod%3D211237412%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D24&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
an-x-request-uuid: ec1a6e1f-2961-474c-95ed-4bec7a24137a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C5A 50 KB
19 KB 35ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 01:50:05 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 58FE 50 KB
19 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 01:50:05 GMT

POST
H2 200 vevent
lax1-ib.adnxs.com/ Frame F4EF 0
553 B 415ms
383ms Ping
text/html 104.254.148.251
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.desenhar.org%2Fbt21&e=wqT_3QKaB-iaAwAAAwDWAAUBCNayt60GEP6P9b6Uv6bvSBgAKjYJzJwe0m2lmj8RZhJIiHv3mT8ZAAAAwMzM-D8hZg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4gdwFgAEBigEDVVNEkgUG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHWh0dHBzOi8vd3d3LmRlc2VuaGFyLm9yZy9idDIxgAMAiAMBkAMAmAMJoAMBqgOkAwq-Ai4zAPCfYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjZkNTdhZTEtYzdlOS00YzU3LWEzNjAtZWFlYWQ5ZGY1YWM1JmJpZElkPTImYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcp5tALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9lcmlyZWZyaHpmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTI1MDgwMzUxMTQ5MjE2NzY3OCIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpPREExTXprME1UWTFOekkxTlRZak9EQTFNemsyTURBNE56YzVOelU9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBa279sy4iqmpWcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZHTBfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4HcBdIHDQkuJgAM2gcGCAkvqAcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=6a2147bdc239d45c3c0fe1e2e2fea09129ba978f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=6156887141799488508&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
an-x-request-uuid: cb4604b8-7c3a-4225-b8a3-d881848c2dfd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2D5B 1 KB
643 B 34ms
33ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:52:06 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 09:52:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C8FF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd16348e7bd217597bf8c388ae4c06817c00bb266175f763e8916c8768c4f65

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame C8FF 0
553 B 34ms
34ms Ping
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.desenhar.org%2Fbt21&e=wqT_3QKYB-iYAwAAAwDWAAUBCNeyt60GELT56-XdrbPXEBgAKjYJ9CZUIT6hlT8Ry96GAgsUlT8ZAAAAgOtRCkAhyw0SACkRJAAxCRu4yD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR498sDgAEBigEDVVNEkgEBBvBhmAHAAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh1odHRwczovL3d3dy5kZXNlbmhhci5vcmcvYnQyMYADAIgDAZADAJgDCaADAaoDogMKvAIuMwDwn2JpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWE0ZjgxN2E3LWJmNWQtNDlmNS04MzQ1LWU2YzE0OTRjNTcwMyZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnKebQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEyMDIxMjQwMjIyOTI4NzIzNzIiCTM4MTg0NjcxNCoEIVmAOjRVMlZoY21Ob1FXUWpOelF3TnprNE5qRXhORFE0TkRVFRTweU1UTXlOelkxTlRRPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXtjdnFoO_hlmvABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQHgBQHwBZn4W_oFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAf3ywPSBw0JESgBJgjaBwYBXrQYAOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=4f55630979ff5342abe9d0f502d9d5a599ff8776&type=nv&nvt=5&jm=1003&px=0&py=0&bw=320&bh=162&sid=6156887141799488508&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=320&ph=474&ww=320&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
an-x-request-uuid: 175bdae8-2674-4ce6-b51a-ab05e9631aa4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8FF 0
19 B 103ms
102ms Image
text/html 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtKnlV9mtZe30GJL6vPIPlL2w8ArS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTczNTk3NDA3NzQ3NTc5NzbIAQmoAwHIAwKqBOcBT9C-X4DOLKsadTgKDfA26YcCa73daBFEd5sxzkJy1Os8SO0hqOquOetmuXO7ylwHC4zUGtj0G77DLenl5NGNVDaqNHOyCI8cYnDJWnAri5lJA9KZV0teVoL6GPd2SCs_jw5lrTmtx3Ps1EMpNVfLjCCHPkAchA_OyYrrwjFte0x10FPPGf4Z9WqRxWrtw6opCgutfRyUur98pE0QzODhDxNskZ9QzvocJyfFC6ToJ8lmw6HmqXTib0qs4iCwhhoJoq6tktb7-QQGTR-tYai6XNc0XyGk-gKtBz4DR_cLSCZFPAg4ZlPFgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMrH98z_74MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTczNTk3NDA3NzQ3NTc5NzYYAA&sigh=SJOypVJ7CY4&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_Dt_cgZwubzLGzKT6g_1Ud5euqd3QqOtV4xcSgM0HMzqzjXpcadD3aT0HtmAGIpPaoSl-sfWnGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&h=250&adk=1228161465&adf=3432105094&pi=t.aa~a.2824325739~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1705835908&rafmt=1&to=qs&pwprc=1746676328&format=320x250&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705892183346&bpp=3&bdt=1528&idt=3&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6105443968331&frm=20&pv=1&ga_vid=1022164676.1705892182&ga_sid=1705892183&ga_hid=266350043&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C42532523%2C31080557%2C95320893%2C95321626%2C95322164&oid=2&pvsid=1818276892040496&tmod=211237412&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 02:56:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame C8FF 0
529 B 140ms
137ms Image
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.desenhar.org%2Fbt21&e=wqT_3QKYB-iYAwAAAwDWAAUBCNeyt60GELT56-XdrbPXEBgAKjYJ9CZUIT6hlT8Ry96GAgsUlT8ZAAAAgOtRCkAhyw0SACkRJAAxCRu4yD8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR498sDgAEBigEDVVNEkgEBBvBhmAHAAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh1odHRwczovL3d3dy5kZXNlbmhhci5vcmcvYnQyMYADAIgDAZADAJgDCaADAaoDogMKvAIuMwDwn2JpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWE0ZjgxN2E3LWJmNWQtNDlmNS04MzQ1LWU2YzE0OTRjNTcwMyZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnKebQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEyMDIxMjQwMjIyOTI4NzIzNzIiCTM4MTg0NjcxNCoEIVmAOjRVMlZoY21Ob1FXUWpOelF3TnprNE5qRXhORFE0TkRVFRTweU1UTXlOelkxTlRRPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXtjdnFoO_hlmvABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQHgBQHwBZn4W_oFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAf3ywPSBw0JESgBJgjaBwYBXrQYAOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=4f55630979ff5342abe9d0f502d9d5a599ff8776&pp=Za3ZVwAGOm0ITz0SAAwelAln2bydUodhNzedbw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpEiaV9mtZe30GJL6vPIPlL2w8ArS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTczNTk3NDA3NzQ3NTc5NzbIAQmoAwHIAwKqBOoBT9C-X4DOLKsadTgKDfA26YcCa73daBFEd5sxzkJy1Os8SO0hqOquOetmuXO7ylwHC4zUGtj0G77DLenl5NGNVDaqNHOyCI8cYnDJWnAri5lJA9KZV0teVoL6GPd2SCs_jw5lrTmtx3Ps1EMpNVfLjCCHPkAchA_OyYrrwjFte0x10FPPGf4Z9WqRxWrtw6opCgutfRyUur98pE0QzODhDxNskZ9QzvocJyfFC6ToJ8lmw6HmqXTib0qs4iCwhhoJouyvs0Q5Xf5r2eXZ1Dbj2GEwfCsg8yy13pyFHnO3yAxpJMi5hD5RNlwvgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMrH98z_74MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3xDACvgX62x0gCOedxBlAJKECeJA%26client%3Dca-pub-7359740774757976%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
an-x-request-uuid: 0894413e-6fa9-40e7-9117-6cd351aa17ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEARoIQ8H9HwH1bcar5OrGkk&google_cver=1&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-Z...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w&google_cver=1&goo...

170 B
188 B

61ms
52ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w&google_cver=1&google_gid=CAESEARoIQ8H9HwH1bcar5OrGkk&google_hm=UTc1OTE3ODU4NDExNDAyMTMzMTU=

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Jan 2024 02:56:24 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQ1hMrvc1TQSAanfO3AgTtVuCoCbpnLuPVWa_WMYvP0qtPTU2psaV5STuFUbaA-ZcI6u3zWAxOd6BHskfV36kEYfkck34qH8w&google_cver=1&google_gid=CAESEARoIQ8H9HwH1bcar5OrGkk&google_hm=UTc1OTE3ODU4NDExNDAyMTMzMTU=
Content-Type: text/html
Cache-Control: max-age=76663
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDckcfX2EPkOWWJyarWsVlE&google_cver=1&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWv...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWvz90l2lPFiyayv36Z84PvEd3rDU

170 B
188 B

40ms
40ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWvz90l2lPFiyayv36Z84PvEd3rDU

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 02:56:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8A04CB13B50A4CBC9CCE0E00DC46159C Ref B: EWR311000104035 Ref C: 2024-01-22T02:56:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQl28k2TTY9cTCfhwvLbYSmKZwXFU-usBQX4r_4GllgbfMLj4Nk7OMaPO1X3zY78t5LlUNWvz90l2lPFiyayv36Z84PvEd3rDU
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPf/mwoKadjYEBpxHCnw==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN8-t-z5GmSlVXNqVweg0Xg&google_cver=1&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sIN1enKuQCE9sfQ_EZtR8g&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAPLv4Zgmy8Y1IH0Q

170 B
232 B

41ms
40ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sIN1enKuQCE9sfQ_EZtR8g&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAPLv4Zgmy8Y1IH0Q

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 02:56:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sIN1enKuQCE9sfQ_EZtR8g&google_push=AXcoOmRh_Rjm27M30g1bNp8aYwuoXuo9EHIwK4FxEecyxX6D33uBHYqxv4QEOR5I6jxs8pE26TQoeMKFISlatYAPLv4Zgmy8Y1IH0Q
x-host: tde-deliveryengine-production-5db7bf8975-vc4nm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 2D5B 43 B
641 B 1137ms
184ms Image
image/gif 202.233.84.1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEPk097iFLqJ_53TsgTbBsZc&google_cver=1&google_push=AXcoOmTDB_lMGV_IB4ocVFwq6a2EERp8LZWxdGjBlQwIaZ9gmNKuFq6t7RDaLI2tOLk1gKUu3iCVb0xyaOuU4NMKdymyHSD11ySyM68

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 02:56:25 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMKGhje_-MWmdWnDP3jqFQE&google_cver=1&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMKGhje_-MWmdWnDP3jqFQE&google_cver=1&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUI...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzNDQwNzQwNzIyMzgzMzk0NA&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPu...

170 B
188 B

41ms
41ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzNDQwNzQwNzIyMzgzMzk0NA&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLXQHEC8KohazLQeaKyFM0tWBI

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzYzNDQwNzQwNzIyMzgzMzk0NA&google_push=AXcoOmShKs0HUn4COszy1K3wO-NnB3J-wdKhAABf4gR7eA0-56HojGMKP_oiDCyNNVJ9WMvJsUIFPuLXQHEC8KohazLQeaKyFM0tWBI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECAJ1OE1AGQxW-L3wNQLbxk&google_cver=1&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZIN...
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECAJ1OE1AGQxW-L3wNQLbxk&google_cver=1&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZIN...
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDk3NmU3NGU3ZjliMGU2ZQ&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc...

170 B
232 B

44ms
44ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDk3NmU3NGU3ZjliMGU2ZQ&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc3P3vWQQm

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDk3NmU3NGU3ZjliMGU2ZQ&google_push=AXcoOmSn6GqzZlXRHLXTcGUrBtpDJdDX1ExaQJsdGYJQOo2NbzdEyjOvR2bxBTPYhPZh6jXVXDVUj3P3B2njlKZINcC1ijfc3P3vWQQm
date: Mon, 22 Jan 2024 02:56:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2D5B
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEEOs1I-nEJ6dTy3IsdpThkg&google_cver=1&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHX...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHXFIGUNuwnaxz6jgEMExfTtLE0DTdtdsNmuyFTW

170 B
329 B

45ms
44ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHXFIGUNuwnaxz6jgEMExfTtLE0DTdtdsNmuyFTW

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 29bc592e.f62789be
date: Mon, 22 Jan 2024 02:56:24 GMT
x-bytefaas-request-id: 20240122025624DC9C36ABF7BC87F44C6B
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122025624DC9C36ABF7BC87F44C6B-1552C6519F2B765A-00
x-cache: TCP_MISS from a104-126-118-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-parent-response-time: 18,104.126.118.196
server-timing: cdn-cache; desc=MISS, edge; dur=10, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240122025624DC9C36ABF7BC87F44C6B
x-cache-remote: TCP_MISS from a23-202-158-75.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSLgx5Zn4HSHzqtQhPJjuGdbrA5RW1upBP7ijLxjFJrMRSIXyo7RTm6Dr1vCHXFIGUNuwnaxz6jgEMExfTtLE0DTdtdsNmuyFTW
x-bytefaas-execution-duration: 4.32
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01e9b0f427e01db939ae28bb7452d57b99504a811ee4fa5a23372669cff0e55d1e538b72e49f5ff13a60f80118d17d642f7a2d41b9a8035f29ef692ac227d4e3e94ba9ac3461cfc916ac56e77f5834dc19adc4c354bde163bc02a7f929ccac6fd030078571d0c616b9bff712db50e454c8
x-origin-response-time: 8,23.202.158.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 22 Jan 2024 02:56:24 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2D5B 0
130 B 131ms
40ms Image
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8yE_sPRLTuLy9yviH6KvDA4Tf2lncV7nktoQIgzmKkG43aE_LnjLnQQVH_SQtcgp0xkfJXa4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 page.php Show response
www.facebook.com/v15.0/plugins/ Frame B3E1 41 KB
16 KB 181ms
111ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v15.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1262e969a8123%26domain%3Dwww.desenhar.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.desenhar.org%252Ff8cc05ddce09c%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwebdeshenhar%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=1c3a932bfa81606838cbcdccc0b244fc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

6258b2de0e046a5c59263debf389b40f9507d4353f86e78af8f014c0f7d0c896

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:24 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7XaCmGa4lSaMuCEnY4gL3o+1pW9pxyl4OBMsQ7HOnGzsWyNFnQhv/NBlU7aBLx3/aoJvqXAIBp5fKbhWKwJFsw==
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
54ms XHR
application/json 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da12d6be2c4611149b900059408108474841863dfb13d156bc4ff44865e771c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12470
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js?bust=31080557

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 02:56:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2382 13 KB
5 KB 76ms
75ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 01:41:01 GMT
expires: Tue, 21 Jan 2025 01:41:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3ED 829 B
998 B 61ms
59ms Document
text/html 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

375cbb730746141419efda1bc6fe491a5921f478dde1c854e204f6ff2c102d42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sm5GgCiSWHvxQK4Yd7VQ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desenhar.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sm5GgCiSWHvxQK4Yd7VQ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 02:56:24 GMT
expires: Mon, 22 Jan 2024 02:56:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame B3E1 20 KB
5 KB 40ms
33ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v15.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1262e969a8123%26domain%3Dwww.desenhar.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.desenhar.org%252Ff8cc05ddce09c%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwebdeshenhar%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: Axn1e1C6WEQ1yZsLGmYAsEGWx3upo5yXVKPIoVSzkR+QaQAvAQgOIKrCVAjWWTSeGv2CdSUJb0XBqRyDDuHVuA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 11:59:01 GMT

GET
H2 200 oZB9N6h5pPF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame B3E1 353 KB
91 KB 45ms
40ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xo4X8+9CY4R/JniO37MSig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93331
reporting-endpoints
x-fb-debug: ml712jGKp8Y9Tw4IF9lPMuEJGyw6u9GcGZA/8+TITXs8l5/9pL97+jk7BVGLGkW3GNVeu00dxhoflIBPKw0omQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:07:37 GMT

GET
H2 200 Cn_OgNtBsi4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame B3E1 7 KB
2 KB 40ms
35ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Cn_OgNtBsi4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B9gIP5hWP1n5LlUoNnhxow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2301
reporting-endpoints
x-fb-debug: o+x6uKlotAJfg6VzkrXlpIVqto3cTpjIJ3PqL//g/Bgm+fcj1cppWGlGdvy4Dotrewg20BTm13VgjVX0cR5gSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 11:11:27 GMT

GET
H2 200 ru8zNtgW1u3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame B3E1 94 KB
27 KB 45ms
40ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xfgcH48ZrXyM9ExSIhREow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27517
reporting-endpoints
x-fb-debug: 60xnMjibrwhb8Y1mLgoa8pKoPXCse3+EPhftkQCnvS60Tl2eH96UbrpMWLrMXRHM6E/Y/0insDgP1D7nA3U6Kw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:52:09 GMT

GET
H2 200 WDd6AOxHz0q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame B3E1 51 KB
16 KB 40ms
35ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/WDd6AOxHz0q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iP8mA2aK/kTnUfNMkpvOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16598
reporting-endpoints
x-fb-debug: gMvIdQmUjNXNB6ZDGcWSO58jMovBIBvEJVYIxfQKspaW+W8cYDKhQu+HTprTU1WX9tzt7OKfLUV4WVVlJatjqw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 09:10:59 GMT

GET
H2 200 Gnm9vzFr_bN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSa94/yL/l/vi_VN/ Frame B3E1 71 KB
20 KB 45ms
41ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yL/l/vi_VN/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3a91497bdf4c35eafb02401836469a7a22664cc1aed05e4bc4802577ec213bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lw+EkiTEQGNgIBe2RpmVGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20233
reporting-endpoints
x-fb-debug: 91SqpVndmfXH1M1RYdw6A5GNCcK3AtAzHJnB+9BlQKNNaggD+j7FhgxFqRr6cWm9IUabjlyJsxqRhSSS4Ed60A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 11:44:51 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame B3E1 507 B
488 B 44ms
39ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: yt9OlYCQUnZbBFNBQ0qsg146+2/Szzrf15tCQstFcyeQFJrCpRMGXRcE2r1QchzUNYWQdVcUjEsjgH/sBzxN+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 12:00:38 GMT

GET
H2 200 305029794_110633171787009_655083238213223363_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/ Frame B3E1 19 KB
19 KB 110ms
18ms Image
image/jpeg 2a03:2880:f082:108:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/305029794_110633171787009_655083238213223363_n.jpg?stp=dst-jpg_s320x320&_nc_cat=100&ccb=1-7&_nc_sid=081abc&_nc_ohc=bgWZ9DwOjx0AX8jPNyN&_nc_ht=scontent-ord5-2.xx&edm=ACG_6DoEAAAA&oh=00_AfCIOBpTI08YvkB4aVCGgmd772UP8v5CZY2WDU9Ycu-sYg&oe=65B37EAA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v15.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1262e969a8123%26domain%3Dwww.desenhar.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.desenhar.org%252Ff8cc05ddce09c%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwebdeshenhar%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=360
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20b40ae02194f221beb184036791be69c15bfdf4683c95afe67fa48063082593

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Sep 2022 08:53:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=893788932
thrift_fmhk: GBDEA82HLc3c299lXpmu6NmyFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2578512683
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 19302

GET
H2 200 308669046_117385441111782_2540231534482884185_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame B3E1 2 KB
2 KB 31ms
27ms Image
image/jpeg 2a03:2880:f082:108:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/308669046_117385441111782_2540231534482884185_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=102&ccb=1-7&_nc_sid=4da83f&_nc_ohc=uJ1GsgM3ZF0AX_SfjAg&_nc_ht=scontent-ord5-2.xx&edm=ACG_6DoEAAAA&oh=00_AfAelzU40dvh38oEo44vHroH-F1uCiOSbLvR9GxMcjFDGQ&oe=65B25955
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v15.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1262e969a8123%26domain%3Dwww.desenhar.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.desenhar.org%252Ff8cc05ddce09c%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwebdeshenhar%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=360
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03d4afbb3883dfd9d2a6089c04d266e1aa2dd0f64f4236e5db681fa4e649847

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 28 Sep 2022 04:03:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3790907027
thrift_fmhk: GBC0Bi+v48/fKvP6h80pKJ/sFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 877696852
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1920

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3ED 0
0 116ms
110ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1818276892040496&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2382 39 KB
15 KB 41ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 00:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 00:49:55 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame B3E1 573 B
710 B 70ms
29ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 02:56:25 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: tTra21gDNabK1tenkK8xG/8NrVUgTHgGHIMuXe7TUQs0bth7GIEo5bazktpnlu1sXHwzDKwcBkmdCHvsG1kjAA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Fri, 17 Jan 2025 09:03:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2382 0
10 B 51ms
50ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MFRbRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 02:56:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 154ms
153ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1818276892040496&bg=!JCelJ2jNAAa8BdJLnAU7ADQBe5WfOCp3HVSLTrN43lij-LtrRZ_8IP8mfKgMdpWReah6-M_Ue5dAmi_mHbC0GF874w8HAgAAALdSAAAAA2gBBwoAEwjkWqNvAM1D-1P5DKSLMafMX9-ZAr_XCIXknz4zbAevBEt_vqqOhVC6H59Lz_r3Dsxp1XYw_ZHONq4wgV1dKFfcJPlAWk4pHFfjqQBl-lUQnlXJxT5Q9BCmaodMp1U3yF-7kSUaLUuFJp01RClMFoRzAy4sxKJ6lYh69T8224aR-eLm1UpaqW5KNhCM-0X1zCE9Eu4T2Ax9SqYBK801WJ1XCgYGdOOqwFj2_g1PReNvtTmNwJ_vt6jpX3KW1rwdmroh45Fa24U06EcxIcQYuMVOM3W85FTyo-dz0I6wVx3VE4Q6jjgWpr11Cq9U-z8saVdgvltyrwQIP8D_M2VI9JPALTAzEHmgttjFN-QGikOs6P0_4KtWCV3KYgiJBMgt7lmJvV3iYTw8-tPCtUF1ZPLc06E896Goo7WA2_W6eami6wbETXVtyoIvzBykfhBWhf1VJXa1oLpGBbfdH-NSNr_NHojsT3_tDqKb02Auw-GMMXbNBfAq5ulnr0YeXRerWaepOnEGF4c6ajtLl5yKtxjECzU97FAz10_dl9KGqsi-JF4Iay3LraJSy0sF1TugFplMjECyGRaaMG3IatUj334mOixwvBuaZyv7dAwY8Rj-boYHm-0xrmY0oFDheM9oRQYyayegogPGArg9EyRwOcc2K6gEoEyInOl2WSGdWhKC0XruyEpDmHMUh2vmHbTTvwLr-AKlIrvqMWe_tqucWe-KA7TfeOArVrlpfeQYVBstBJJYw9PYfOygw3HQne4cW_HjWbgRYP0dfiSBwfTScGa0_eud0NluriPp98eU1OaYeeyD4tMGOuhVl4wG4-5A_fFUG_fsg8cN7gVVjOPMdfvdXZlcOxnBxY7hoPbaNPNpcHIzsx6vMayoeTIVszdJwMroHx1RI_ZbpNlbj1_Uh1FLqs-qG9TjkFhKuslHvF0uU5tE37_Etk2LuTkQI5-qRJDCAgaK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.desenhar.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.desenhar.org/	1970-01-21 03:27:32	Name: _ga_THR1926RHL Value: GS1.1.1705892182.1.0.1705892182.0.0.0
.desenhar.org/	1970-01-21 03:27:32	Name: _ga Value: GA1.1.1022164676.1705892182
.desenhar.org/	1970-01-21 03:13:08	Name: __gads Value: ID=4163b99cfb298df3:T=1705892182:RT=1705892182:S=ALNI_MbmijS98b7iYmI6n_jowk5pdhT9kw
.desenhar.org/	1970-01-21 03:13:08	Name: __gpi Value: UID=00000db9176f32c9:T=1705892182:RT=1705892182:S=ALNI_MZ97Ph4KG79IiCnORFhSau2Qn-kBw
.doubleclick.net/	1970-01-21 03:27:32	Name: IDE Value: AHWqTUko5zds_7VR2F96raSkE4acmSPktj6vpyZNmBqHOR8D-Ri5OsPiV5h4Vlzxhbo
.bing.com/	1970-01-21 03:13:08	Name: MUID Value: 0B6C6576E64B64AA0E577178E7C4652E
.doubleclick.net/	1970-01-20 17:51:35	Name: DSID Value: NO_DATA
sync-dmp.mobtrakk.com/	1969-12-31 23:59:59	Name: chk Value: 1
sync-dmp.mobtrakk.com/	1970-01-21 03:27:32	Name: pid Value: NDk3NmU3NGU3ZjliMGU2ZQ
.owneriq.net/	1970-01-21 03:27:32	Name: si Value: Q7591785841140213315P
.owneriq.net/	1970-01-20 18:05:56	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 18:05:56	Name: gguuid Value: 1
.adform.net/	1970-01-20 18:36:10	Name: C Value: 1
.travelaudience.com/	1970-01-21 03:23:12	Name: _tracker Value: %7B%22UUID%22%3A%22B083757A-72AE-4021-3DB1-F43F119B51F2%22%7D
.adform.net/	1970-01-20 19:17:56	Name: uid Value: 3634407407223833944
.linkedin.com/	1970-01-21 02:37:08	Name: bcookie Value: "v=2&2757b990-b9f5-4501-893d-ac5bf70bcb00"
.linkedin.com/	1970-01-20 17:52:58	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3172:u=1:x=1:i=1705892184:t=1705978584:v=2:sig=AQFcJvkxXnPey5Bbue4FDSo4rAu37qAR"
.send.microad.jp/	1970-01-20 20:01:08	Name: TR Value: 665c6e16426713aaaf2c878aa7506dce33f6dc445c52e9b7

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-mang-passo-7.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-cookie-passo-8.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-chimmy-etape-7.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-koya-passo-8.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-tata-passo-6.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/dessin-bt21-van-etape-6.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-shooky-passo-4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.desenhar.org/bt21/(Line 1246) Message: Mixed Content: The page at 'https://www.desenhar.org/bt21/' was loaded over HTTPS, but requested an insecure element 'http://www.desenhar.org/wp-content/uploads/2021/11/desenhar-bt21-rj-passo-7.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adsdk.microsoft.com
aid.send.microad.jp
ajax.googleapis.com
analytics.pangle-ads.com
c1.adform.net
cdn.adnxs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
lax1-ib.adnxs.com
nym1-ib.adnxs.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px.owneriq.net
scontent-ord5-2.xx.fbcdn.net
static.coloringall.com
static.xx.fbcdn.net
sync-dmp.mobtrakk.com
tpc.googlesyndication.com
www.bing.com
www.desenhar.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.126.118.200
104.254.148.251
143.110.146.76
172.253.122.155
184.86.146.172
185.167.164.43
202.233.84.1
23.62.104.246
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:3031::ac43:afb2
2606:4700::6811:180e
2607:f8b0:4004:c06::65
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::67
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1d::9d
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::649
35.190.0.66
5.161.92.137
68.67.160.186
04058346a337f1d8f31b64c77dc60f7cf9a9d69aefd9d4dd34e5675bb6fc96ab
0500fe0de4ddfbe3292746b58c6835460acc323dd06b27e4cb83462b1a04a9fb
07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d27c719f65d1c40e7b64fd1b4b2758a03cac91de3182675d3dd004e6419b7cb
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
145642f5de03f0693383de962b641ebff01538c430906e731d6ea6bf4e723fd4
1782b6d3a9dd312fbd6de10d6f9afdb827ff411204522f8bafb23eb67e418da5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1afe50b20b77b9bc508a16806b17971741c66c5d3d603ea902993a3b7e0767e9
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20b40ae02194f221beb184036791be69c15bfdf4683c95afe67fa48063082593
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2b8eb72b43c1240e83fcc97fddd2365b2fb35d045f82211aff9b8d96818aafd1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
375cbb730746141419efda1bc6fe491a5921f478dde1c854e204f6ff2c102d42
3ce64249777e2153f3295d471b6b7b16fa8f60ee41e5bd11154d71b1fad2cc11
404c2268cfacc0769c88dd9ead7e81a08d65db4d1416e3c0cedf735da201ba9d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4cf9d4d7e83ac41086004fe732d063b7efeaeb40bad2a8ac18ce9a52ad88c646
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d59a5c96dd5fc785a17b0a9883d99601a815f1ba059d92b9ec0fe86234bcfb4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
524ca2ed687fbeb5b25657d278b6043cc3e0f90f988a59c35fd398277a57662b
53f6820b002d81f2e86ba985e0ba50a20686c22a853b0180d4564f8fdb8e1895
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5a7a2be170a44ae0f3250f37eb1b118ec1a308f8ce0bd3b5943220896ef7499e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2cafd625327732acea42aaaf099721a2dc2228a547cfb0d1e93ac894c45ba2
5fd16348e7bd217597bf8c388ae4c06817c00bb266175f763e8916c8768c4f65
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258b2de0e046a5c59263debf389b40f9507d4353f86e78af8f014c0f7d0c896
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6e77a0e44b6fce02be41bd1a8a5c205596573cfa4efde0e0efc931e473212a39
71de9bfb4228fadfa74d34b923f7c6d93764473c4a9f7648bd91a31888fad367
730bf2c12f90e78d53b2dc9f2b16e6ec862c7f46df20425fe0b0c6a02f32b07e
73bdd3859d48db24b70c62a4e7853e994f2c9a3e22aaef03c9456432204b5411
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7f24bfb69cd661d97b5d6c5ffba4178540b213650f671ee108d6d7826a057f76
81bb1e1efc8154ff46fc11f091335e4e3f540b1e68da6e3498b34cc94381435e
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1346adf0f5eb90ee357b5c0720ac811be1d9b7a0af4188c80e1996d44241a9
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a991f73243cad4e0bdc749dd8661b74bc315dd538e59512adeddec7737a1b449
ad8add280826a47942dd0271e65f255a8caa33f428adb0015e37fbad40844aa6
b0b482e640f6006fb7f3ae089c37266dd6d26198ffdd58ee52d51c13d333f0d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2112e944307f68d8662983059ce3217e04a72c6127f7c6f2d2f654dcd72267d
b68b2d2955b8d0b7758135957de03a758c953ceb8d563be56342ce6270b17e49
b88fb68fa5fda5017023b73881998023f4db25e2a4ebeb6eea72de05cc89a1bf
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
be6aeaa50cf6ef91249e192a7bc47366d7b7677a5947c375466129f9d8ea82fc
c3a91497bdf4c35eafb02401836469a7a22664cc1aed05e4bc4802577ec213bc
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c8bb9e721a6ae06885464c9cf52d0f1bd38cdc299186f5c34551b062d398c865
cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2
cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b
d2e26bcb6bb80eb4af764de72acd7deb50d263792774c86c7a821c1cad296825
d2ed0720108a75db0d53248ba8e36332658064c4189714d16c0f117efb42016d
d4e3347b320d531d56433df3084ab6a2e308fef4577e22392d0e6034b863f7e5
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
da12d6be2c4611149b900059408108474841863dfb13d156bc4ff44865e771c8
da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a001cb27316ca44a7ad4fb682f41a060a758ca047b84b9c5dece3728ae7e0
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
f03d4afbb3883dfd9d2a6089c04d266e1aa2dd0f64f4236e5db681fa4e649847
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
f2511b529e5f19582e7117c25089d4df21fbf7a0d19d4f92cf5fec98f524c68a
f4928427635a4ea5b55f3fd321403c6743f784427f95b3d967868419b10c52a1
f81eafbc50cadf8884fa5b3c8880939d116ab94fe83f84678eab3e413d9b7259
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

www.desenhar.org Open in urlscan Pro 143.110.146.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

93 %HTTPS

63 %IPv6

25 Domains

31 Subdomains

25 IPs

2 Countries

2539 kBTransfer

6106 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.desenhar.org Open in urlscan Pro
143.110.146.76 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

93 %
HTTPS

63 %
IPv6

25
Domains

31
Subdomains

25
IPs

2
Countries

2539 kB
Transfer

6106 kB
Size

18
Cookies

120 HTTP transactions
1 data transactions