urlscan.io logo urlscan.io
SecurityTrails logo

www.desenhar.org Open in urlscan Pro
143.110.146.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://desenhar.org/bt21/0.9307634262523574
Effective URL: https://www.desenhar.org/bt21/0.9307634262523574
Submission: On November 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 46 HTTP transactions. The main IP is 143.110.146.76, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.desenhar.org.
TLS certificate: Issued by R10 on October 4th 2024. Valid for: 3 months.
This is the only time www.desenhar.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    143.110.146.76 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1076811.cloudwaysapps.com
desenhar.org
www.desenhar.org
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
ep1.adtrafficquality.google
2    2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:3031::ac43:afb2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.coloringall.com
2    2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
73 KB
10 desenhar.org
desenhar.org
www.desenhar.org
57 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
287 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
175 KB
1 coloringall.com
static.coloringall.com — Cisco Umbrella Rank: 255860
891 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
848 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
11 KB
46 12
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 www.desenhar.org www.desenhar.org
6 pagead2.googlesyndication.com www.desenhar.org
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net www.desenhar.org
connect.facebook.net
2 code.jquery.com www.desenhar.org
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 static.coloringall.com www.desenhar.org
1 www.googletagmanager.com www.desenhar.org
1 fonts.googleapis.com www.desenhar.org
1 cdnjs.cloudflare.com www.desenhar.org
1 desenhar.org 1 redirects
46 15

This site contains no links.

Subject Issuer Validity Valid
desenhar.org
R10		 2024-10-04 -
2025-01-02		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-29 -
2024-11-27		 3 months crt.sh
coloringall.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.desenhar.org/bt21/0.9307634262523574
Frame ID: F613C386185AAD364D45D9FA73C6303B
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Frame ID: FC3891127BAB27D54C798D7248AFED08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732069646&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F0.9307634262523574&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732069645902&bpp=6&bdt=789&idt=222&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4326883722872&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088960%2C95344187%2C95345966&oid=2&pvsid=3446638671072573&tmod=249900649&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=275
Frame ID: 90399E058B68FAE37C64F5642DA73029
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Frame ID: F0EF08AE64E0B1BBA7D9ADA7D4714532
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Frame ID: A1318EFEA6E6511009630A2142F4EB51
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: BCAC460648A0B6D811C7280D7BD6CD07
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1CE811B54DAF0D24E942630609A1988
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A página não existe - Desenhar.Org

Page URL History Show full URLs

  1. http://desenhar.org/bt21/0.9307634262523574 HTTP 307
    https://desenhar.org/bt21/0.9307634262523574 HTTP 301
    https://www.desenhar.org/bt21/0.9307634262523574 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

46
Requests

96 %
HTTPS

93 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

808 kB
Transfer

2621 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://desenhar.org/bt21/0.9307634262523574 HTTP 307
    https://desenhar.org/bt21/0.9307634262523574 HTTP 301
    https://www.desenhar.org/bt21/0.9307634262523574 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.9307634262523574
www.desenhar.org/bt21/
Redirect Chain
  • http://desenhar.org/bt21/0.9307634262523574
  • https://desenhar.org/bt21/0.9307634262523574
  • https://www.desenhar.org/bt21/0.9307634262523574
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
ee53ecc8442389d8f9c9f468594b0f9b879dd3b9cb4c175f0c85fd2876f46294

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 02:27:25 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.desenhar.org/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache
MISS

Redirect headers

age
0
cache-control
no-cache, must-revalidate, max-age=0, s-maxage=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 02:27:24 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://www.desenhar.org/bt21/0.9307634262523574
server
nginx
x-cache
MISS
x-redirect-by
WordPress
style.css
www.desenhar.org/wp-content/themes/color247/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-content/themes/color247/css/style.css
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
7f24bfb69cd661d97b5d6c5ffba4178540b213650f671ee108d6d7826a057f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"63a03020-44d2"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css
last-modified
Mon, 19 Dec 2022 09:34:24 GMT
server
nginx
vary
Accept-Encoding
styl-btn.css
www.desenhar.org/wp-content/themes/color247/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-content/themes/color247/css/styl-btn.css
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
04058346a337f1d8f31b64c77dc60f7cf9a9d69aefd9d4dd34e5675bb6fc96ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"611cb7ec-44cf"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css
last-modified
Wed, 18 Aug 2021 07:34:04 GMT
server
nginx
vary
Accept-Encoding
style.css
www.desenhar.org/wp-content/themes/color247/playonline/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-content/themes/color247/playonline/style.css
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
d4e3347b320d531d56433df3084ab6a2e308fef4577e22392d0e6034b863f7e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"611b2465-3023"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css
last-modified
Tue, 17 Aug 2021 02:52:21 GMT
server
nginx
vary
Accept-Encoding
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613fa20b-28de"
age
453329
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCK3QOSpiiFNIuZU50X4AcvRUz1WW%2FYx%2F7lab%2BQmnuyS8Ivv1Maqdld18Lj31Z1uItzaXYKWOn%2FtTmrtAHr3ysDCv9Cv5cC7%2FXqJPzA5bb6vMay6mTa7lOXj1%2BoqRYlB4wQp1AKFodZX62EfUsY9%2BsHD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 02:27:25 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5500328a8e421d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10462
server
cloudflare
css2
fonts.googleapis.com/ 		818 B
848 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 01:20:23 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery-2.0.2.js
code.jquery.com/ 		237 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.0.2.js
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2ed0720108a75db0d53248ba8e36332658064c4189714d16c0f117efb42016d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
etag
W/"28feccc0-3b4e3"
age
2051817
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
4629, 0
x-served-by
cache-lga21931-LGA, cache-ewr-kewr1740069-EWR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732069645.377466,VS0,VE1
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
71727
server
nginx
jquery-ui.js
code.jquery.com/ui/1.10.3/ 		426 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.10.3/jquery-ui.js
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
etag
W/"28feccc0-6a684"
age
2029985
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
3448, 643
x-served-by
cache-lga21962-LGA, cache-ewr-kewr1740069-EWR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732069645.378059,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
106766
server
nginx
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-THR1926RHL
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5db0d68ad2b5643992a95efdc0e55ec99a6ae94299583d2b0ed1cbe51ca5e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 02:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109748
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5d3e752759a150ec3b5b3509c4a563af752a0192a43928e078fc3507fb4bd64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.desenhar.org
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
etag
7812245239548384118
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53469
x-xss-protection
0
server
cafe
sdk.js
connect.facebook.net/vi_VN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6b89e53353df5f309d43b1fa5d45fd002ab1c85562e0b9694d62eecae6b51bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.desenhar.org
Referer
https://www.desenhar.org/

Response headers

content-md5
7U/cTANznJdEjmCiTA/yGw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"c3ef5e7d13b4e1b030e068c6b3e77266"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:34:45 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
e631f0c5c45624fc31f362321c019e94
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=5738, tp=11, tpl=0, uplat=0, ullat=-1
x-fb-debug
qZBX3ws/Afmpfpk/nTLASRNzwV65U78mSdKus4zY1lCllM9YUNbZlmT59tz5ZGu3ORiMQu0i06IoKF0JCmmrUQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
style.min.css
www.desenhar.org/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"66d88f8f-1b72b"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css
last-modified
Wed, 04 Sep 2024 16:49:19 GMT
server
nginx
vary
Accept-Encoding
logo.png
www.desenhar.org/wp-content/themes/color247/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desenhar.org/wp-content/themes/color247/img/logo.png
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
f4928427635a4ea5b55f3fd321403c6743f784427f95b3d967868419b10c52a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
etag
"6168020e-351b"
accept-ranges
bytes
content-length
13595
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
image/png
last-modified
Thu, 14 Oct 2021 10:10:22 GMT
server
nginx
print.css
www.desenhar.org/wp-content/themes/color247/playonline/ 		516 B
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-content/themes/color247/playonline/print.css
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
73bdd3859d48db24b70c62a4e7853e994f2c9a3e22aaef03c9456432204b5411

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"611b1a02-204"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/css
last-modified
Tue, 17 Aug 2021 02:08:02 GMT
server
nginx
vary
Accept-Encoding
09ba41f8-4096-4b06-977a-861ec7cc3d39
https://www.desenhar.org/ Frame 		0
0
search.svg
static.coloringall.com/ 		286 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.coloringall.com/search.svg
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/wp-content/themes/color247/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:afb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145642f5de03f0693383de962b641ebff01538c430906e731d6ea6bf4e723fd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5e2acbf5-11e"
age
10688910
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YF6J11MUiUzDBr2bOxiVFgq%2FlqPYswAhkri9Rm07Cp%2BEx19EbNs6%2FTHcNZqq3DEmmDiqHcjbRYBUHv5kzq1RnJn3nAAEdPWzHXC%2B2URguYM9agUTSUHdcfwhgyL5rdPZ%2BnvHHvoC%2F1u23%2BzJsEGhwKlZPGJ5"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9242&sent=7&recv=7&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2239&delivery_rate=445220&cwnd=253&unsent_bytes=0&cid=fb374e6e058860e8&ts=77&x=0"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
image/svg+xml
last-modified
Fri, 24 Jan 2020 10:50:29 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5500367f52c33b-EWR
server
cloudflare
sdk.js
connect.facebook.net/vi_VN/ 		254 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=4b490aa1e548695e8dc1249a090dce6d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa32baecd92b649ea39a779fb3dde4ead2df975dc1852751bb48002082e9c807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.desenhar.org
Referer
https://www.desenhar.org/

Response headers

content-md5
tXfaqPqoobGmCRjMN0tkiw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"1ad015708db0febeba5a110142efe4c6"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 23:52:36 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
99a632746324e1a3e5d472b01c8db8eb
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=26, mss=1232, tbw=9610, tp=17, tpl=0, uplat=1, ullat=-1
x-fb-debug
eNW2slMg4uWoB2B1tqqrvaCLFpSsFI1V9rWnWtc1cJYizhlq2RLHgSRsH4H2dJxP2pZhhf+YZjYV3sF2CY0Auw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76696
origin-agent-cluster
?1
wp-emoji-release.min.js
www.desenhar.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: www.desenhar.org
URL: https://www.desenhar.org/bt21/0.9307634262523574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"667d6e6f-4926"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
application/javascript
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
server
nginx
vary
Accept-Encoding
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60c56ed33373f56be5e1d1e983d0bc0d863912196a9d570498eb4c7fd5d9e3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
etag
7037909006015768523
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31888
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d5bbadbf71d22b7d25d55ff04732948f0acce95ddc006def8ee1138d722664e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
etag
17789068872641229330
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 02:27:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147622
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-THR1926RHL&gtm=45je4bj0v9128828230za200&_p=1732069645484&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1311405490.1732069646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732069645&sct=1&seg=0&dl=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F0.9307634262523574&dt=A%20p%C3%A1gina%20n%C3%A3o%20existe%20-%20Desenhar.Org&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1842
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THR1926RHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.desenhar.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:26 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/ Frame FC38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
37519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 16:02:07 GMT
etag
17661348622971093804
expires
Tue, 03 Dec 2024 16:02:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9039 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7359740774757976&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732069646&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F0.9307634262523574&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732069645902&bpp=6&bdt=789&idt=222&shv=r20241118&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4326883722872&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088960%2C95344187%2C95345966&oid=2&pvsid=3446638671072573&tmod=249900649&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37424
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 02:27:26 GMT
expires
Wed, 20 Nov 2024 02:27:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7359740774757976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.desenhar.org/

Response headers
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		178 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da9e46916e94dc60123e8022742bdf5c3e2c4ac97246ced7e8a828025540c147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
etag
10328080763734877081
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 02:27:26 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60562
x-xss-protection
0
server
cafe
ca-pub-7359740774757976
fundingchoicesmessages.google.com/i/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7359740774757976?href=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F0.9307634262523574&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53f359d9c687026741aed49de59d3679c6bf58e1d1a2176a68574bb9acf91e06
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RLaoXNDUJ6XvMBglYY3mDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4hnnL7MuAOIiiSusLUB8u-kK62MgZvh6hZUDiIW4Ofonfd3JJvDi5mlfJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0NLPQOD-AIDAOVtRJw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RLaoXNDUJ6XvMBglYY3mDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWtBSQuXCCn_Fg1ziGi4LVpxx1aO_WyvWLMgjhpOGkJ-P_6RGX5wWHg5GOH0KWrkgMlnBTeRa5PR3EoWznM8NuJ2NCfgHBeG8iVMJ4t0G-1L3hDO3GZjJUyB1ex6eAGnaIYvboeqA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWtBSQuXCCn_Fg1ziGi4LVpxx1aO_WyvWLMgjhpOGkJ-P_6RGX5wWHg5GOH0KWrkgMlnBTeRa5PR3EoWznM8NuJ2NCfgHBeG8iVMJ4t0G-1L3hDO3GZjJUyB1ex6eAGnaIYvboeqA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDY5NjQ3LDQwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZGVzZW5oYXIub3JnL2J0MjEvMC45MzA3NjM0MjYyNTIzNTc0IixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ce6f4eb712fba9045c2ef6c522b0c91d8716d8426414446a1cdda32a9b083a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fpaT2jMrr2ObQstvKqeIYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4hnnL7MuAOIiiSusLUB8u-kK62MgZvh6hZUDiIV4OPonfd3JJvBjyqUbjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoaGlnoGBvEFBgAkxkTw"
content-security-policy
script-src 'report-sample' 'nonce-fpaT2jMrr2ObQstvKqeIYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/ Frame F0EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
37519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 16:02:07 GMT
etag
17661348622971093804
expires
Tue, 03 Dec 2024 16:02:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/ Frame A131 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
37519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 16:02:07 GMT
etag
17661348622971093804
expires
Tue, 03 Dec 2024 16:02:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWup5tR8fUBswFce2RDR6fr7CPOal6EIci4M_FDbEwQBjkcl7FqSDY8X3CMD0J0Y5d1xpnfYQV3HkqdZgvrtSMqf4awEGQg8xLio9j_WnckW0YtUhKhmdmsYHQxpMwmohz9FlCDiQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWup5tR8fUBswFce2RDR6fr7CPOal6EIci4M_FDbEwQBjkcl7FqSDY8X3CMD0J0Y5d1xpnfYQV3HkqdZgvrtSMqf4awEGQg8xLio9j_WnckW0YtUhKhmdmsYHQxpMwmohz9FlCDiQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDY5NjQ3LDUxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmRlc2VuaGFyLm9yZy9idDIxLzAuOTMwNzYzNDI2MjUyMzU3NCIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bb740f29368a1ac9e55a089f44563c58cb865e8fd386540613ecb5bc1aa965
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7jAnRSOxnlaa6EOfuWC7vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4hnnL7MuAOIiiSusLUB8u-kK62MgZvh6hZUDiIV4OPonfd3JJtDx5XoPk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoaGhpZ6BQXyBAQAWFkSb"
content-security-policy
script-src 'report-sample' 'nonce-7jAnRSOxnlaa6EOfuWC7vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ads.
fundingchoicesmessages.google.com/f/AGSKWxUeniL-cLGwU5k4sQzP1fmEYJX18PwvX-N4JqRkZ-XPAf4c7KK5q_LkCs5WC3baH3ddd-b3llQD58N2aDfZErin_EfHhdlFMYvk8OSWkm4eUpA5KVX2NDJ96dSslBOKoPmzoUJpxL_2aamMU2Wr7Yl-CR0ac... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUeniL-cLGwU5k4sQzP1fmEYJX18PwvX-N4JqRkZ-XPAf4c7KK5q_LkCs5WC3baH3ddd-b3llQD58N2aDfZErin_EfHhdlFMYvk8OSWkm4eUpA5KVX2NDJ96dSslBOKoPmzoUJpxL_2aamMU2Wr7Yl-CR0acDWTiPxrTZpUpvfit2pB5RdoFtByN0lX/_/brand-ad-/adsico3./ad/activateFlashObject.-720x90./magazine/ads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
933d78736d733ecf4875524d109592d7077423147436472f40212b91a9546174
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UBqIWBI9M-5x2qHTD0dcIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4hnnL7MuAOIiiSusLUB8u-kK62MgZvh6hZUDiIV4OCZM-rqTTeDBgc6ZjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoaGlnoGBvEFBgAUqkSD"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UBqIWBI9M-5x2qHTD0dcIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
br
etag
16023549773543154165
age
2646
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 01:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
51
x-xss-protection
0
server
cafe
AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ljJhbuIROUvWUsDDcc2XbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBAw-eHGdUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYWegZm8QUGAFO4KUs"
content-security-policy
script-src 'report-sample' 'nonce-ljJhbuIROUvWUsDDcc2XbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-py4VQdzLcxYSGj_aGvCrYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBCxsmHmdUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYWegZm8QUGADc9KOI"
content-security-policy
script-src 'report-sample' 'nonce-py4VQdzLcxYSGj_aGvCrYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MoSAfsV9KMC4VloQVQHWmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBHWe2HGdUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYWegZm8QUGAEK4KQo"
content-security-policy
script-src 'report-sample' 'nonce-MoSAfsV9KMC4VloQVQHWmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R9EE7yfQpZXwL-7Vk2xWog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBBZe6jzMquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MLPQOz-AIDACzrKMQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R9EE7yfQpZXwL-7Vk2xWog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXIMQdjJZt7kY68bQTbxT1slcXGn_DzgKrF-I5YqB4KTIUuZ-Qm23LsC6yyHPbavEYqO_ImngyXuy18QKXN-SiXi2d4Yu8Az4XIJVIDPcoGNHjc8mtR4NnavVlhUFQ6M21EPnV6UA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXIMQdjJZt7kY68bQTbxT1slcXGn_DzgKrF-I5YqB4KTIUuZ-Qm23LsC6yyHPbavEYqO_ImngyXuy18QKXN-SiXi2d4Yu8Az4XIJVIDPcoGNHjc8mtR4NnavVlhUFQ6M21EPnV6UA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDY5NjQ4LDM1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZGVzZW5oYXIub3JnL2J0MjEvMC45MzA3NjM0MjYyNTIzNTc0IixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba60ae6897e8a5518085a8b249c04ea77f5b10dc20f0884a9e0e1c8a6d81d7c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WMLDIYJ1-sYAuEsFgD54bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1ZBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IZ5y-zLgDiIokrrC1AfLvpCutjIGb4eoWVA4iFeDgmTPq6k01gx64bexmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAziCwwAbhZJ1w"
content-security-policy
script-src 'report-sample' 'nonce-WMLDIYJ1-sYAuEsFgD54bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUgoQBAb-Ci_eNmM9UVd1b32oZKIvQS5k45KxRJgRo3EjwoBdp-cvlrZq8Y2A7UgNS2guF6wtJiLSCzkvHG-kEOAeX_84MJb5CJTjJJme4vtPqzOx8vVKIwtjDFKOlBVveM5X5lQA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUgoQBAb-Ci_eNmM9UVd1b32oZKIvQS5k45KxRJgRo3EjwoBdp-cvlrZq8Y2A7UgNS2guF6wtJiLSCzkvHG-kEOAeX_84MJb5CJTjJJme4vtPqzOx8vVKIwtjDFKOlBVveM5X5lQA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H12Pt84k8hdBVSqlECkuXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBhoa2H4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQ0NBCz8AsvsAAABgyKH4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H12Pt84k8hdBVSqlECkuXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwHe5LVzM4bywqJWoD5HNd6Kgn9iA5zi6GQp2TFmfFZEPj8gj5959zdu89vkmy3xbg-SrjgTWUpLZDowl871dBnvWYebsrWxpLANoxp_c_Hvq_VYhvxuf1olIgkZLoM9OFD0D_gg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7TmvWfFDbfYdIiJwXFWQJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.desenhar.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGYMOnrTjaBBW_ffGdUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYWegZm8QUGAGJCKXo"
content-security-policy
script-src 'report-sample' 'nonce-7TmvWfFDbfYdIiJwXFWQJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.desenhar.org
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ba134d65fb8997bd1fb5476ae1d4afa2cef4eb238752cc4dd528c7725a86663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12897
date
Wed, 20 Nov 2024 02:27:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
www.desenhar.org/wp-content/themes/color247/img/ 		7 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.desenhar.org/wp-content/themes/color247/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.110.146.76 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1076811.cloudwaysapps.com
Software
nginx /
Resource Hash
63afaeae7a066c3fe749c1290136048843d2ffd91ae67de697b2ed44c731a7a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/bt21/0.9307634262523574

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"61680262-1d44"
date
Wed, 20 Nov 2024 02:27:28 GMT
content-type
image/x-icon
last-modified
Thu, 14 Oct 2021 10:11:46 GMT
server
nginx
vary
Accept-Encoding
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 02:27:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:29 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame BCAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 02:08:48 GMT
expires
Wed, 20 Nov 2024 02:58:48 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D1CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Iyee9uPrtZaWiJSMqbFMEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desenhar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Iyee9uPrtZaWiJSMqbFMEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 02:27:29 GMT
expires
Wed, 20 Nov 2024 02:27:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-THR1926RHL&gtm=45je4bj0v9128828230za200&_p=1732069645484&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1311405490.1732069646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732069645&sct=1&seg=0&dl=https%3A%2F%2Fwww.desenhar.org%2Fbt21%2F0.9307634262523574&dt=A%20p%C3%A1gina%20n%C3%A3o%20existe%20-%20Desenhar.Org&en=scroll&epn.percent_scrolled=90&_et=11&tfd=6855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THR1926RHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.desenhar.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.desenhar.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 02:27:31 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.desenhar.org
URL
blob:https://www.desenhar.org/09ba41f8-4096-4b06-977a-861ec7cc3d39
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241118&jk=3446638671072573&bg=!jo2ljcLNAAY7_TBtG_07ADQBe5WfOLYYTaBclD-r_KkdHQCaQ-hBpjtiC4z3h5ozfYAL-AIGpKwfAROt-Q-mzkQXejDnAgAAAOJSAAAABGgBB34ANi1VHjq3Vw1tpe8sZkFlbTAaeIapGY1dlRu21lnld94Dc5kNtv9hMx4wINz_hiCnImJI70l_OwoARLsCWCcxzxAtEWVQYjGUYNPLH0oqRQ3lwJijkeYnv7k9f114xmDxLoR01z13hhSdfUO83PljbKCBtGvwAd6Uk6VR9NmnmQKluEI0d5LHJVspPxQD9B9j5_N5_W_6JfhXUdxjGJxvKoHaSlis4MCZFJ19L1alPZK3U6vz2xRz_z0hMT6M6ZXbdKh-rhC947S7aybvXZQ8nP6ztsOUkcjhEL2xaVznqmyxzm6oVEAoyZsC1FyYLLC3Zf7Z6IyObfuu5oXNkDvWf8PWV4EgZOEtgLg-O9lBdqXYTE1bjcIQTYJhiNJSYQWRw-wJGIyYXJo9ByQozcy2rIVsjcqp0MZPGlqYlGjZgpiHKFInNFNdChVqyKPFZkF-gwt9iM5jEOrSqyCjcACzGYzrXz_sf5scxJ-w1-ZrqetoNufUOyHxWDbP4ZcXiiPA45_n0g7iJIJ3hyJEiKOXMEoznheB16Yo3PtMjS-57i_-qPcY2rDdozJxWtdpx70DbHzmBz0O4I2dDgB5vrz3ZC-3reAN9tw8Fs-VPnOeglFJrcNL_HSLx8zNrPNfaxAXzEqNfcmn2-ABudRukYJ1OSsB5ry6WcmC8iGx8JDtk-QGFKd9SZGYPFklIgkMuRBLM-jULCxkPBI-IrmbxXxNvqfWaAyoPmQnU1BKfjNIgAwZ8OmJfN6XS8XAlxjEYRF-lyYArfulaWDpNOZJ5sNsWZ8a-2pXFkgU7tw1fZGTiXYp_f_20QEZgVLMtLYCIrwAWvQkvMdbtC5pzGxM4AWqHfF72oPluNR7cik_qs_xeXLGcsybn9o5Sv1Pp8lIJbM7ph38M_iLhmHJJcGgAOJxW1EoCNCiCWg7bFqy0MRPuAzFitzgqXKp9ZkF6_Nlnm8RqW1boRIBASXVAbiGoFIhlc1-7BdybOO6mEbPruvPgduKAa2It_6oL2Xbrte8gVCaVZ5nJJBeE0VBmME56LXy5C8ygDQ8CsdmwnpBa1CLPnCTiXyP69I

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| $ function| jQuery function| gtag object| dataLayer object| _wpemojiSettings object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjU1ZjdlNmViMjNmNDI0Y2xvYWRlcl9qcw== string| ZjU1ZjdlNmViMjNmNDI0Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| 37a703f5-b264-4164-bf81-2458a71790fc object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.desenhar.org/ Name: _ga
Value: GA1.1.1311405490.1732069646
.desenhar.org/ Name: _ga_THR1926RHL
Value: GS1.1.1732069645.1.0.1732069645.0.0.0
.desenhar.org/ Name: __gads
Value: ID=9c977e422a8ffdd0:T=1732069646:RT=1732069646:S=ALNI_Mat6NxjyRg5dSL9SJWb9ZE3t_-MdA
.desenhar.org/ Name: __gpi
Value: UID=00000db3857ff7b8:T=1732069646:RT=1732069646:S=ALNI_MalatgMkv0UVQCcqFM-Dpmvmb8jXg
.desenhar.org/ Name: __eoi
Value: ID=2f20b64283a64019:T=1732069646:RT=1732069646:S=AA-Afjb7B-5HelhQ_kvj2WFFjJ0c
.media.net/ Name: visitor-id
Value: 3750712479663106000V10
.media.net/ Name: data-exp
Value: setstatuscode~~1
.doubleclick.net/ Name: IDE
Value: AHWqTUnR8T_WK9OxU_eHdO9UqGOEkKi_LujyqonaD1daFE2ExIHi40h0XW1JRdPT0uU
.media.net/ Name: data-g
Value: CAESEOVa-7j1Uu0eDBkObpuXFag~~6
.desenhar.org/ Name: FCNEC
Value: %5B%5B%22AKsRol_L6dinPtCFuLR3ve7YeKt1WOci7zYIruqtORj-s-WANDmGWSBaIDCQBCBoxaOdiyUf8_SG3mKOH0Rxn-kyBGMdHZsTF96S3t1JXb3rFfNl_1qHxBDCNWBrmtuWvR64CGLdIG9JaDVmLej6PqBVb-Kwy5odfA%3D%3D%22%5D%5D
.adsrvr.org/ Name: TDID
Value: c9795907-a3a1-4646-8130-d5ea718fab1a
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwigseCUncXEPRAFGAUgASgCMgsIgNebwbPFxD0QBTgB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7802
.tapad.com/ Name: TapAd_TS
Value: 1732069648629
.tapad.com/ Name: TapAd_DID
Value: c9795907-a3a1-4646-8130-d5ea718fab1a

1 Console Messages

Source Level URL
Text
network error URL: https://www.desenhar.org/bt21/0.9307634262523574
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
desenhar.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.coloringall.com
www.desenhar.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
www.desenhar.org
143.110.146.76
2606:4700:3031::ac43:afb2
2606:4700::6811:180e
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2008
2a03:2880:f00e:13:face:b00c:0:3
2a04:4e42:200::649
04058346a337f1d8f31b64c77dc60f7cf9a9d69aefd9d4dd34e5675bb6fc96ab
145642f5de03f0693383de962b641ebff01538c430906e731d6ea6bf4e723fd4
32bb740f29368a1ac9e55a089f44563c58cb865e8fd386540613ecb5bc1aa965
3ce6f4eb712fba9045c2ef6c522b0c91d8716d8426414446a1cdda32a9b083a2
3d5bbadbf71d22b7d25d55ff04732948f0acce95ddc006def8ee1138d722664e
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
53f359d9c687026741aed49de59d3679c6bf58e1d1a2176a68574bb9acf91e06
60c56ed33373f56be5e1d1e983d0bc0d863912196a9d570498eb4c7fd5d9e3ca
63afaeae7a066c3fe749c1290136048843d2ffd91ae67de697b2ed44c731a7a2
73bdd3859d48db24b70c62a4e7853e994f2c9a3e22aaef03c9456432204b5411
7f24bfb69cd661d97b5d6c5ffba4178540b213650f671ee108d6d7826a057f76
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
8ba134d65fb8997bd1fb5476ae1d4afa2cef4eb238752cc4dd528c7725a86663
933d78736d733ecf4875524d109592d7077423147436472f40212b91a9546174
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a5db0d68ad2b5643992a95efdc0e55ec99a6ae94299583d2b0ed1cbe51ca5e7b
a6b89e53353df5f309d43b1fa5d45fd002ab1c85562e0b9694d62eecae6b51bc
b5d3e752759a150ec3b5b3509c4a563af752a0192a43928e078fc3507fb4bd64
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
ba60ae6897e8a5518085a8b249c04ea77f5b10dc20f0884a9e0e1c8a6d81d7c2
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
d2ed0720108a75db0d53248ba8e36332658064c4189714d16c0f117efb42016d
d4e3347b320d531d56433df3084ab6a2e308fef4577e22392d0e6034b863f7e5
da9e46916e94dc60123e8022742bdf5c3e2c4ac97246ced7e8a828025540c147
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee53ecc8442389d8f9c9f468594b0f9b879dd3b9cb4c175f0c85fd2876f46294
f4928427635a4ea5b55f3fd321403c6743f784427f95b3d967868419b10c52a1
fa32baecd92b649ea39a779fb3dde4ead2df975dc1852751bb48002082e9c807
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99