us.desenhopracolorir.com.br Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://us.desenhopracolorir.com.br/
Effective URL:
https://us.desenhopracolorir.com.br/
Submission: On November 16 via manual (November 16th 2024, 2:47:40 am UTC) from US — Scanned from NL

Summary HTTP 307 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 112 IPs in 9 countries across 74 domains to perform 307 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is us.desenhopracolorir.com.br.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.

This is the only time us.desenhopracolorir.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.70.197 104.22.70.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	88.198.153.60 88.198.153.60	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
5	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
2	18.66.147.27 18.66.147.27	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
14	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
6	104.22.62.227 104.22.62.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
8	3.160.150.117 3.160.150.117	16509 (AMAZON-02) (AMAZON-02)
1	34.248.22.168 34.248.22.168	16509 (AMAZON-02) (AMAZON-02)
1	95.101.27.200 95.101.27.200	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
4	51.89.9.253 51.89.9.253	16276 (OVH OVH SAS) (OVH OVH SAS)
2	172.67.21.232 172.67.21.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
2	34.242.55.213 34.242.55.213	16509 (AMAZON-02) (AMAZON-02)
6	104.22.1.93 104.22.1.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.251.239.3 34.251.239.3	16509 (AMAZON-02) (AMAZON-02)
1	104.22.71.197 104.22.71.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
8	104.22.34.123 104.22.34.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	65.9.66.73 65.9.66.73	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.57 18.66.102.57	16509 (AMAZON-02) (AMAZON-02)
2	172.67.25.151 172.67.25.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 7	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 10	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
3	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	163.5.194.37 163.5.194.37	60558 (SECUREDSE...) (SECUREDSERVERS-EU PHOENIX NAP)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
2	212.77.99.29 212.77.99.29	12827 (Wirtualna...) (WirtualnaPolska Wirtualna Polska Media S.A.)
1	104.18.23.145 104.18.23.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.3.54 99.86.3.54	16509 (AMAZON-02) (AMAZON-02)
2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.194.120.205 54.194.120.205	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2	51.158.29.13 51.158.29.13	12876 (AS12876 S...) (AS12876 SCALEWAY S.A.S.)
2	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
2	104.18.31.80 104.18.31.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.156.199.224 18.156.199.224	16509 (AMAZON-02) (AMAZON-02)
4	104.22.30.209 104.22.30.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
3	198.199.71.70 198.199.71.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	54.76.15.180 54.76.15.180	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.4 178.250.1.4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	172.64.153.78 172.64.153.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	64.74.236.127 64.74.236.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	69.173.156.139 69.173.156.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.124.64.248 3.124.64.248	16509 (AMAZON-02) (AMAZON-02)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.160.150.38 3.160.150.38	16509 (AMAZON-02) (AMAZON-02)
1	108.138.8.164 108.138.8.164	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.28.101 104.18.28.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.53.173 104.22.53.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	104.22.4.69 104.22.4.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.241.34.106 35.241.34.106	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1	51.81.55.251 51.81.55.251	16276 (OVH OVH SAS) (OVH OVH SAS)
2	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
3	172.67.23.234 172.67.23.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.82.75.134 35.82.75.134	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.13 46.228.164.13	56396 (Amobee Am...) (Amobee Amobee EMEA Limited)
1 1	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
3	104.22.5.69 104.22.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.16.53.198 52.16.53.198	16509 (AMAZON-02) (AMAZON-02)
4	5.196.111.64 5.196.111.64	16276 (OVH OVH SAS) (OVH OVH SAS)
1	63.32.172.26 63.32.172.26	16509 (AMAZON-02) (AMAZON-02)
3	37.157.2.228 37.157.2.228	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	52.16.63.113 52.16.63.113	16509 (AMAZON-02) (AMAZON-02)
1	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.32.238.154 23.32.238.154	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	172.64.154.78 172.64.154.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
3	37.157.4.21 37.157.4.21	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2 5	2.23.209.187 2.23.209.187	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	104.26.1.77 104.26.1.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.71.58 172.67.71.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.244.162.144 143.244.162.144	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.149.40.38 34.149.40.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	89.149.193.101 89.149.193.101	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
1	157.230.176.78 157.230.176.78	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	198.199.89.209 198.199.89.209	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.18.30.80 104.18.30.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	98.82.157.137 98.82.157.137	14618 (AMAZON-AES) (AMAZON-AES)
1	18.195.234.25 18.195.234.25	16509 (AMAZON-02) (AMAZON-02)
1 1	116.202.167.155 116.202.167.155	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	52.16.54.39 52.16.54.39	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1 2	178.250.1.57 178.250.1.57	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
307	112

39 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.desenhopracolorir.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.themoneytizer.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tmzr.themoneytizer.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.70.197 (None, )

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.198.153.60 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: moderate3.cleantalk.org

moderate.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-27.fra60.r.cloudfront.net

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.22.62.227 (None, )

ASN13335 (CLOUDFLARENET, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.160.150.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-117.fra60.r.cloudfront.net

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.22.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-22-168.eu-west-1.compute.amazonaws.com

metrics.biddertmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a95-101-27-200.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.21.232 (United States)

ASN13335 (CLOUDFLARENET, US)

static.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.55.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-55-213.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.22.1.93 (None, )

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.239.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-239-3.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.71.197 (None, )

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.22.34.123 (None, )

ASN13335 (CLOUDFLARENET, US)

track.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gtrack.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otrack.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-73.fra56.r.cloudfront.net

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-57.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.25.151 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.19.138.120 (Amsterdam, Netherlands) 5 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.5.194.37 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.77.99.29 (Poland)

ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-54.fra6.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.120.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-120-205.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.158.29.13 (Paris, France)

ASN12876 (AS12876 SCALEWAY S.A.S., FR)
PTR: online-prod.ipsfailover.com

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.31.80 (None, )

ASN13335 (CLOUDFLARENET, US)

bid.sparteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.199.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-199-224.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.30.209 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.3 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.199.71.70 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.15.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-15-180.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.4 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.156.139 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.64.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-38.fra60.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.8.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-8-164.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
moneytizer-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.22.4.69 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.241.34.106 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.38.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.81.55.251 (United States)

ASN16276 (OVH OVH SAS, FR)
PTR: moderate9.cleantalk.org

moderate9-v4.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.75.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-75-134.us-west-2.compute.amazonaws.com

ids4.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (Amobee Amobee EMEA Limited, GB)
PTR: d-ams1.turn.com

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.35 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.53.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-53-198.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.196.111.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip64.ip-5-196-111.eu

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.172.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-172-26.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.228 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.63.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-63-113.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.238.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-32-238-154.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.78 (None, )

ASN13335 (CLOUDFLARENET, US)

static.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.21 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.209.187 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-23-209-187.deploy.static.akamaitechnologies.com

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.1.77 (None, )

ASN13335 (CLOUDFLARENET, US)

track.kueezssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.71.58 (United States)

ASN13335 (CLOUDFLARENET, US)

gtrack.kueezssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otrack.kueezssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.162.144 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bisrtb.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.193.101 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.230.176.78 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bis6.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.199.89.209 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sync.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.80 (None, )

ASN13335 (CLOUDFLARENET, US)

sync.sparteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.82.157.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-137.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.234.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-234-25.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.167.155 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.155.167.202.116.clients.your-server.de

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.54.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-54-39.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.136.108 (Groningen, Netherlands) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.57 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	desenhopracolorir.com.br 1 redirects us.desenhopracolorir.com.br	501 KB
18	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619 p.ad.gt — Cisco Umbrella Rank: 1714 ids.ad.gt — Cisco Umbrella Rank: 1557 ids4.ad.gt — Cisco Umbrella Rank: 2415 seg.ad.gt — Cisco Umbrella Rank: 1984 pixels.ad.gt — Cisco Umbrella Rank: 1708	20 KB
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	140 KB
14	kueezrtb.com static.kueezrtb.com — Cisco Umbrella Rank: 6959 track.kueezrtb.com — Cisco Umbrella Rank: 6549 gtrack.kueezrtb.com — Cisco Umbrella Rank: 6559 otrack.kueezrtb.com — Cisco Umbrella Rank: 6627 exchange.kueezrtb.com — Cisco Umbrella Rank: 4639 sync.kueezrtb.com — Cisco Umbrella Rank: 2103	60 KB
13	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 450 grid-bidder.criteo.com — Cisco Umbrella Rank: 1731 dis.criteo.com — Cisco Umbrella Rank: 702 widget.us.criteo.com — Cisco Umbrella Rank: 17327 ssp-sync.criteo.com — Cisco Umbrella Rank: 980	4 KB
12	4dex.io script.4dex.io — Cisco Umbrella Rank: 3460 mp.4dex.io — Cisco Umbrella Rank: 2752 c.4dex.io — Cisco Umbrella Rank: 5816 u.4dex.io — Cisco Umbrella Rank: 3087	26 KB
12	id5-sync.com 5 redirects id5-sync.com — Cisco Umbrella Rank: 533 cdn.id5-sync.com — Cisco Umbrella Rank: 1004	67 KB
12	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 281 secure.adnxs.com — Cisco Umbrella Rank: 495 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8903 cdn.adnxs.com — Cisco Umbrella Rank: 1962 acdn.adnxs.com — Cisco Umbrella Rank: 643	42 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	188 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1199 s.amazon-adsystem.com — Cisco Umbrella Rank: 337	94 KB
8	rubiconproject.com 3 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 505 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1060 eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 500	3 KB
8	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 11560 cdn.pbstck.com — Cisco Umbrella Rank: 13594 intake.pbstck.com — Cisco Umbrella Rank: 11030	43 KB
8	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5292	47 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2931 rtb.openx.net — Cisco Umbrella Rank: 552 google-bidout-d.openx.net — Cisco Umbrella Rank: 2790 u.openx.net — Cisco Umbrella Rank: 761 moneytizer-d.openx.net — Cisco Umbrella Rank: 120465	1 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 psb.taboola.com — Cisco Umbrella Rank: 6026 trc.taboola.com — Cisco Umbrella Rank: 763 trc-events.taboola.com — Cisco Umbrella Rank: 2914	24 KB
6	adform.net track.adform.net — Cisco Umbrella Rank: 5786 s1.adform.net — Cisco Umbrella Rank: 14017	282 KB
6	e-planning.net 2 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 12961 ads.us.e-planning.net — Cisco Umbrella Rank: 2820 u-ams03.e-planning.net — Cisco Umbrella Rank: 34021	5 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	1 KB
6	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 62237	54 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 55	49 KB
5	smartadserver.com ww1097.smartadserver.com — Cisco Umbrella Rank: 58492 ssbsync.smartadserver.com — Cisco Umbrella Rank: 775	1 KB
5	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 788	242 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	410 KB
5	cleantalk.org moderate.cleantalk.org — Cisco Umbrella Rank: 17885 moderate9-v4.cleantalk.org — Cisco Umbrella Rank: 68470	6 KB
4	360yield.com ad.360yield.com — Cisco Umbrella Rank: 800 ice.360yield.com — Cisco Umbrella Rank: 2446 euw-ice.360yield.com — Cisco Umbrella Rank: 13247	3 KB
4	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 4719 csync.smilewanted.com — Cisco Umbrella Rank: 2609	859 B
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 id.crwdcntrl.net — Cisco Umbrella Rank: 2708 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	27 KB
4	creativecdn.com 2 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 8934 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700 creativecdn.com — Cisco Umbrella Rank: 544	3 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	424 B
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com	197 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 393	2 KB
3	kueezssp.com track.kueezssp.com — Cisco Umbrella Rank: 12565 gtrack.kueezssp.com — Cisco Umbrella Rank: 12554 otrack.kueezssp.com — Cisco Umbrella Rank: 12547	2 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 551 eb2.3lift.com — Cisco Umbrella Rank: 429	2 KB
3	zemanta.com b1h.zemanta.com — Cisco Umbrella Rank: 7537	800 B
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 985 match.sharethrough.com — Cisco Umbrella Rank: 530	1 KB
3	sparteo.com bid.sparteo.com — Cisco Umbrella Rank: 40959 sync.sparteo.com — Cisco Umbrella Rank: 40772	439 B
3	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1453 cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059 cms.quantserve.com — Cisco Umbrella Rank: 884	10 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	66 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4382	28 KB
2	vidazoo.com static.vidazoo.com — Cisco Umbrella Rank: 6234 bis6.vidazoo.com — Cisco Umbrella Rank: 13376	47 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	597 B
2	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 46816	1 KB
2	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 12830	182 B
2	cpx.to p.cpx.to — Cisco Umbrella Rank: 12366 s.cpx.to — Cisco Umbrella Rank: 11765	6 KB
2	themoneytizer.fr cdn.themoneytizer.fr — Cisco Umbrella Rank: 75577 tmzr.themoneytizer.fr — Cisco Umbrella Rank: 79172	145 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 35445	193 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1543	173 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 534	426 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2430	336 B
1	cootlogix.com bisrtb.cootlogix.com — Cisco Umbrella Rank: 7383	183 B
1	adnxs-simple.com cdn.adnxs-simple.com — Cisco Umbrella Rank: 6199	35 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4257	61 KB
1	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 615	423 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	667 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	442 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 886	225 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120	17 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	4 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1618	239 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	1 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3181	233 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	1 KB
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 80320	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 61026	859 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 14400	22 KB
1	biddertmz.com metrics.biddertmz.com — Cisco Umbrella Rank: 71020
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
307	74

	Domain	Requested by
37	us.desenhopracolorir.com.br	1 redirects us.desenhopracolorir.com.br static.cloudflareinsights.com
14	fundingchoicesmessages.google.com	us.desenhopracolorir.com.br pagead2.googlesyndication.com
10	id5-sync.com	5 redirects tmzr.themoneytizer.fr cdn.id5-sync.com
8	cmp.inmobi.com	us.desenhopracolorir.com.br cmp.inmobi.com
7	ids.ad.gt	1 redirects
7	gum.criteo.com	ads.themoneytizer.com tmzr.themoneytizer.fr static.criteo.net get.optad360.io
6	c.4dex.io	tmzr.themoneytizer.fr
6	match.adsrvr.org	p.cpx.to us.desenhopracolorir.com.br get.optad360.io
6	ads.themoneytizer.com	us.desenhopracolorir.com.br tmzr.themoneytizer.fr
5	www.bing.com	2 redirects us.desenhopracolorir.com.br
5	intake.pbstck.com	us.desenhopracolorir.com.br
5	prebid.a-mo.net	get.optad360.io tmzr.themoneytizer.fr
5	www.googletagmanager.com	us.desenhopracolorir.com.br www.googletagmanager.com p.ad.gt
4	trc-events.taboola.com	cdn.taboola.com
4	fra1-ib.adnxs.com	tmzr.themoneytizer.fr us.desenhopracolorir.com.br cdn.adnxs.com
4	ww1097.smartadserver.com	ced.sascdn.com
4	pbjs.e-planning.net	2 redirects us.desenhopracolorir.com.br
4	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
4	onetag-sys.com	ads.themoneytizer.com get.optad360.io us.desenhopracolorir.com.br
4	moderate.cleantalk.org	us.desenhopracolorir.com.br moderate.cleantalk.org
3	x.bidswitch.net	3 redirects
3	s1.adform.net	track.adform.net s1.adform.net
3	track.adform.net	tmzr.themoneytizer.fr s1.adform.net
3	p.ad.gt	a.ad.gt p.ad.gt
3	eus.rubiconproject.com	us.desenhopracolorir.com.br tmzr.themoneytizer.fr
3	c.amazon-adsystem.com	ads.themoneytizer.com c.amazon-adsystem.com
3	b1h.zemanta.com	tmzr.themoneytizer.fr
3	exchange.kueezrtb.com	tmzr.themoneytizer.fr us.desenhopracolorir.com.br
3	script.4dex.io	get.optad360.io script.4dex.io tmzr.themoneytizer.fr
3	ib.adnxs.com	1 redirects p.cpx.to get.optad360.io
3	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
3	www.google.com	www.googletagmanager.com us.desenhopracolorir.com.br ep2.adtrafficquality.google
3	gtrack.kueezrtb.com	static.kueezrtb.com us.desenhopracolorir.com.br
3	track.kueezrtb.com	static.kueezrtb.com us.desenhopracolorir.com.br
3	pagead2.googlesyndication.com	us.desenhopracolorir.com.br pagead2.googlesyndication.com
3	static.addtoany.com	us.desenhopracolorir.com.br static.addtoany.com
2	ssp-sync.criteo.com	1 redirects
2	csync.smilewanted.com	tmzr.themoneytizer.fr
2	creativecdn.com	2 redirects
2	acdn.adnxs.com	us.desenhopracolorir.com.br get.optad360.io
2	seg.ad.gt	p.ad.gt
2	cm.g.doubleclick.net
2	pixel.tapad.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	secure-assets.rubiconproject.com	2 redirects
2	tlx.3lift.com	tmzr.themoneytizer.fr
2	rtb.openx.net	tmzr.themoneytizer.fr
2	fastlane.rubiconproject.com	tmzr.themoneytizer.fr
2	mp.4dex.io	tmzr.themoneytizer.fr
2	grid-bidder.criteo.com	tmzr.themoneytizer.fr
2	ad.360yield.com	tmzr.themoneytizer.fr
2	prebid.smilewanted.com	tmzr.themoneytizer.fr
2	btlr.sharethrough.com	tmzr.themoneytizer.fr
2	bid.sparteo.com	tmzr.themoneytizer.fr
2	lb.eu-1-id5-sync.com	tmzr.themoneytizer.fr cdn.id5-sync.com
2	kvt.sddan.com	tmzr.themoneytizer.fr
2	oajs.openx.net	1 redirects us.desenhopracolorir.com.br
2	lexicon.33across.com	tmzr.themoneytizer.fr cdn-ima.33across.com
2	cdn.id5-sync.com	securepubads.g.doubleclick.net us.desenhopracolorir.com.br
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net us.desenhopracolorir.com.br
2	otrack.kueezrtb.com	us.desenhopracolorir.com.br
2	ssp.wp.pl	get.optad360.io
2	cdn.pbstck.com	boot.pbstck.com
2	static.kueezrtb.com	ads.themoneytizer.com static.kueezrtb.com
2	static.hotjar.com	us.desenhopracolorir.com.br www.googletagmanager.com
2	get.optad360.io	us.desenhopracolorir.com.br get.optad360.io
1	widget.us.criteo.com	1 redirects
1	dis.criteo.com	1 redirects
1	tr.blismedia.com
1	cms.quantserve.com
1	pr-bh.ybp.yahoo.com
1	u-ams03.e-planning.net
1	inv-nets.admixer.net	1 redirects
1	match.sharethrough.com
1	s.amazon-adsystem.com
1	moneytizer-d.openx.net	tmzr.themoneytizer.fr
1	sync.sparteo.com	tmzr.themoneytizer.fr
1	sync.kueezrtb.com	tmzr.themoneytizer.fr
1	eb2.3lift.com	tmzr.themoneytizer.fr
1	bis6.vidazoo.com	static.vidazoo.com
1	ads.us.e-planning.net	us.desenhopracolorir.com.br
1	ssbsync.smartadserver.com	us.desenhopracolorir.com.br
1	u.4dex.io
1	bisrtb.cootlogix.com	us.desenhopracolorir.com.br
1	otrack.kueezssp.com	us.desenhopracolorir.com.br
1	gtrack.kueezssp.com	us.desenhopracolorir.com.br
1	track.kueezssp.com	us.desenhopracolorir.com.br
1	cdn.adnxs-simple.com	adsdk.microsoft.com
1	static.vidazoo.com	tmzr.themoneytizer.fr
1	cdn.adnxs.com	tmzr.themoneytizer.fr
1	adsdk.microsoft.com	tmzr.themoneytizer.fr
1	euw-ice.360yield.com	tmzr.themoneytizer.fr
1	ice.360yield.com
1	match.prod.bidr.io	1 redirects
1	pixels.ad.gt	p.ad.gt
1	sync.go.sonobi.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com
1	u.openx.net
1	ids4.ad.gt
1	moderate9-v4.cleantalk.org
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	cdn.hadronid.net	us.desenhopracolorir.com.br
1	cdn-ima.33across.com	us.desenhopracolorir.com.br
1	secure.cdn.fastclick.net	us.desenhopracolorir.com.br
1	google-bidout-d.openx.net	oa.openxcdn.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	pixel.quantserve.com	us.desenhopracolorir.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id.crwdcntrl.net	tmzr.themoneytizer.fr
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	s.cpx.to	p.cpx.to
1	cadmus.script.ac	script.4dex.io
1	tmzr.themoneytizer.fr	ads.themoneytizer.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	prebid-eu.creativecdn.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	td.doubleclick.net	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.optad360.net	us.desenhopracolorir.com.br
1	www.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	cdn.taboola.com	www.googletagmanager.com
1	adtrack.adleadevent.com	ads.themoneytizer.com
1	boot.pbstck.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	cdn.themoneytizer.fr	ads.themoneytizer.com
1	metrics.biddertmz.com	ads.themoneytizer.com
1	static.cloudflareinsights.com	us.desenhopracolorir.com.br
307	143

This site contains links to these domains. Also see Links.

Domain
de.desenhopracolorir.com.br
es.desenhopracolorir.com.br
fr.desenhopracolorir.com.br
desenhopracolorir.com.br
www.amazon.com

Subject Issuer	Validity	Valid
desenhopracolorir.com.br WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
static.addtoany.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2024-09-12` - `2025-09-24`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2024-08-17` - `2025-09-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ads.themoneytizer.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
metrics.biddertmz.com R10	`2024-09-20` - `2024-12-19`	3 months	crt.sh
themoneytizer.fr WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-16` - `2025-07-16`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
kueezrtb.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
p.cpx.to Amazon RSA 2048 M03	`2024-04-24` - `2025-05-23`	a year	crt.sh
pbstck.com WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.adleadevent.com Amazon RSA 2048 M02	`2024-05-27` - `2025-06-26`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.optad360.net Amazon RSA 2048 M03	`2024-05-26` - `2025-06-25`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
script.4dex.io WE1	`2024-09-21` - `2024-12-21`	3 months	crt.sh
*.a-mo.net R11	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2024-03-04` - `2025-03-14`	a year	crt.sh
script.ac E5	`2024-10-19` - `2025-01-17`	3 months	crt.sh
s.cpx.to Amazon RSA 2048 M02	`2024-04-24` - `2025-05-23`	a year	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
cdn.prod.uidapi.com E6	`2024-09-11` - `2024-12-10`	3 months	crt.sh
lexicon.33across.com WR3	`2024-11-02` - `2025-01-31`	3 months	crt.sh
kvt.sddan.com R10	`2024-10-11` - `2025-01-09`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
sparteo.com WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
smilewanted.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.kueezrtb.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-14`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
mp.4dex.io WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-02` - `2025-09-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
hadronid.net WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
c.4dex.io WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-20`	a year	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
p.ad.gt WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
ids.ad.gt WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
seg.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
pixels.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 04	`2024-10-17` - `2025-10-12`	a year	crt.sh
cdn.adnxs.com R11	`2024-10-31` - `2025-01-29`	3 months	crt.sh
vidazoo.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh
kueezssp.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	a year	crt.sh
ads.us.e-planning.net R11	`2024-08-31` - `2024-11-29`	3 months	crt.sh
*.vidazoo.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-12` - `2025-04-03`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-09-06` - `2025-03-05`	6 months	crt.sh
tr.blismedia.com WR3	`2024-09-20` - `2024-12-19`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://us.desenhopracolorir.com.br/
Frame ID: 6105FE3B76A369817EAB8738D974BA24
Requests: 243 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1731725253015
Frame ID: 0699DA8974C04766C08A694B09FD757A
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 9A2B6716F1D88F4FACC54510EE53575A
Requests: 1 HTTP requests in this frame

Frame: https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 06B8387C03A53E5827030CCE1B107E1E
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1030473612?random=1731725253241&cv=11&fst=1731725253241&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe4bc0v9170589776za200zb9132039829&gcd=13l3l3l3l5l1&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Coloring%20Pages%20-%20%2B%209.000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print&did=dZTNiMT&gdid=dZTNiMT&npa=0&us_privacy=error&pscdl=noapi&auid=2070183189.1731725253&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1D4D0D603E737EAA497DAAFE92125DA3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fus.desenhopracolorir.com.br
Frame ID: AAD7A28C76E654C243B94177DECF43DD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 2988DB01CB7D17C60E54C5725218BAA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Frame ID: 578DCF6F3EF562245CB7B931ACB3E0DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1124155844706179&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1731722081&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731725253087&bpp=3&bdt=281&idt=209&shv=r20241112&mjsv=m202411130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4405009457956&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343681%2C95344187%2C31088923%2C95335247%2C95345966&oid=2&pvsid=2456334195064758&tmod=1741038533&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=775
Frame ID: 7B1ADD45B73B50815B59B8C314C30AB8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=us.desenhopracolorir.com.br&gdpr=0&gdpr_consent=
Frame ID: 8F78ABA847639F3EDA82E98DC1CA6813
Requests: 1 HTTP requests in this frame

Frame: https://c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 605D23E9CDF753ABCC9A1F516E055A97
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 5F2BF0822EBA4E4BCB359642357CEE51
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: F090B98D74526B9E7B365736AB95831E
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 99D7523ADB12C3E5B7ADD2A9FE808FDD
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain&dcc=t
Frame ID: DD23829C5F46CE0D31837FE94FC93795
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 5DEA8E0FDA1FBCD412869640CE1D746C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65790CB76E12C47E6F32BB20F24D8EF5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 7F0E590D8FA2D714C5C030E62D0627A0
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=77142872;rtbwp=XNDBWRqYZG3j9cOdRHPeFISV2OcaNIhalEus3w;rtbdata=4HHZyUutvz4wldpIFtIHbRRSwnYkZac7eYjTtOFC540HIySwpuhXs3VMcvqAsh8tikSyMY6XAlz-qrLWfHGTeSR-ZLI3ep12ML1IqY3uPS-g1zVH0DpK3Oo6XELVSBbZHOnQSNDvs2sIDB105qOSPUxR-4uXSg0svSstDAuRJ3zV3Ezd_4T1nK4QIbiOwUfTju2Xrfyx4IYio5XUF4szG0A5xDL0aR0pluyR1F53LYmBqVgcSavbfFEQqA0NLHUY2Io8g46rQ3wzHSJ7rPQEyJfJ9O5mgyRjeg7mM5pL3dvrohOHwizGqBgzvdXGwNvwZPSVCRcBPzE1
Frame ID: 31F23E6EDFEAAD9D53A7AC1975CC2B45
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: EE01E4EE8B61BC7476C71D629BA4FBFF
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8826&pub_id=1133447
Frame ID: BE429719493B02C896378A5C69DB9E54
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1731725253680&gdpr=0
Frame ID: 838E39A1C549C80C8E7D994F52018716
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=85792606238868830000&sn=mc_adapter
Frame ID: FD993AB589F6B9F8A493F101D0507868
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 867629BC46D11E4F40CBBD1DFAF310A5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4BB783DDC8941E9003753E76E03D2ADC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 5A9DA9F12D45B9ED02F3D016154D3876
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: CE36A91B23B0B2FADA29385D359C21EE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 986D6591FF7E1E81CB1EB3580B16E1B7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 40D7E306485C8B8719D32FFE7906A725
Requests: 1 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 6C2687BB105DCE1D8A482580C277BFE1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 0D4B2991E0592FFEA02B738194832085
Requests: 1 HTTP requests in this frame

Frame: https://sync.sparteo.com/sync/iframe.html?from=prebidjs&gdpr=0&gdpr_consent=
Frame ID: 59C9D4E75C5D1D60E498DECAD176A0D0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: ABB7775DA92AF135FE1EC1F775B2B420
Requests: 1 HTTP requests in this frame

Frame: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: A9CB8B353D8F094B23691CF4434B1F2B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=us.desenhopracolorir.com.br&gpp=
Frame ID: A8667A675BF94C1A8F54CA07DD1A9F61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coloring Pages - + 9.000 FREE Coloring Pages to Download and Print

Page URL History Show full URLs

http://us.desenhopracolorir.com.br/ HTTP 307
https://us.desenhopracolorir.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

307
Requests

93 %
HTTPS

0 %
IPv6

74
Domains

143
Subdomains

112
IPs

9
Countries

3000 kB
Transfer

8255 kB
Size

120
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://de.desenhopracolorir.com.br/
Title: DEUTSCH 🇩🇪

Search URL Search Domain Scan URL

URL: https://es.desenhopracolorir.com.br/
Title: ESPAÑOL 🇪🇸

Search URL Search Domain Scan URL

URL: https://fr.desenhopracolorir.com.br/
Title: FRANÇAIS 🇫🇷

Search URL Search Domain Scan URL

URL: https://desenhopracolorir.com.br/
Title: PORTUGUÊS 🇧🇷

Search URL Search Domain Scan URL

URL: https://www.amazon.com/stores/author/B0CLQQ9G76/allbooks
Title: <img decoding="async" src="https://us.desenhopracolorir.com.br/wp-content/uploads/2024/10/our-coloring-books-at-amazon.jpg" alt="Our Paperback Coloring Books At Amazon" width="300" height="300">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://us.desenhopracolorir.com.br/ HTTP 307
https://us.desenhopracolorir.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 92

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 134

https://oajs.openx.net/esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp&cc=1

Request Chain 148

https://pbjs.e-planning.net/pbjs/1/2a156/1/us.desenhopracolorir.com.br/ROS?rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e HTTP 302
https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e

Request Chain 167

https://pbjs.e-planning.net/pbjs/1/2a156/1/us.desenhopracolorir.com.br/ROS?rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e HTTP 302
https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e

Request Chain 176

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 177

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 197

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain&dcc=t

Request Chain 215

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=$UID&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=219247319205787899&gdpr=0

Request Chain 218

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001731725255-YQNUXSKF-F16K&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&rub=M3JKI5SH-D-8OF1&gdpr=0

Request Chain 220

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001731725255-YQNUXSKF-F16K&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001731725255-YQNUXSKF-F16K%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001731725255-YQNUXSKF-F16K&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001731725255-YQNUXSKF-F16K%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&tapad_id=885eeafb-df5d-41ac-9e27-427e45d6c75e

Request Chain 222

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001731725255-YQNUXSKF-F16K HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=3284636752864110541&id=AU1D-0100-001731725255-YQNUXSKF-F16K

Request Chain 223

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=90296adb-064e-484c-958f-8b26acccb373&gdpr=0

Request Chain 224

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001731725255-YQNUXSKF-F16K HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMTcyNTI1NS1ZUU5VWFNLRi1GMTZL

Request Chain 233

https://id5-sync.com/i/12/8.gif?o=api&id5id=ID5*zsD_OXjpaHmI2Ss70i50-bi3pyJuyboq-d5rBRtBTo7ZT9iWNs1BkBI4sBVDKE1h&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/7/2.gif?puid=219247319205787899&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AAB1RE7OcBAAABbqkF6Nmg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 260

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2e6d09a2-6963-412b-a4bd-9815ef2cfe79&bidId=15000&bidderId=4&cmExpId=LV2&impId=6752463083786637299&oAdUnit=391466&publisherId=162645330&rId=0cadd31e-891d-4392-9c27-1ff98da2c0f0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D7c0fb9cde4854ddf895d7620a8f195f2%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=26684579&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6752463083786637299&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7c0fb9cde4854ddf895d7620a8f195f2&SNR=1&GV=2&med=10

Request Chain 273

https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://u.4dex.io/setuid?bidder=rtbhouse&uid=dW-iyY_CknzZVk-O4QRjTWxbi9LPevMYNtQhmK8tlzE&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 276

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2e6d09a2-6963-412b-a4bd-9815ef2cfe79&bidId=15000&bidderId=4&cmExpId=LV2&impId=6752463083786637299&oAdUnit=391466&publisherId=162645330&rId=0cadd31e-891d-4392-9c27-1ff98da2c0f0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D7c0fb9cde4854ddf895d7620a8f195f2%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=26684579&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6752463083786637299&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c0fb9cde4854ddf895d7620a8f195f2&tids=15000&med=10

Request Chain 298

https://inv-nets.admixer.net/adxcm.aspx?ssp=0CC7386A-D5A3-4B90-AEEB-3E67F8FEF4D3&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7Bvisitor_cookie%7D%26dc%3D83623068d1df1220%26fi%3D87be82dd63ab617a HTTP 302
https://u-ams03.e-planning.net/um?uid={visitor_cookie}&dc=83623068d1df1220&fi=87be82dd63ab617a

Request Chain 301

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D87be82dd63ab617a HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=87be82dd63ab617a

Request Chain 304

https://x.bidswitch.net/sync?ssp=criteo&custom_data=UErapl9YJTJGc3phejRrWVZVTDVXajNjcUdnS2UlMkJKMWVkc2ZDU0JER0M5TCUyRmJtbmJRJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-6sFOb9Ewd_kRiYavAaATRyMLvng5cQK-Na3voA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=UErapl9YJTJGc3phejRrWVZVTDVXajNjcUdnS2UlMkJKMWVkc2ZDU0JER0M5TCUyRmJtbmJRJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-6sFOb9Ewd_kRiYavAaATRyMLvng5cQK-Na3voA HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://widget.us.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-6sFOb9Ewd_kRiYavAaATRyMLvng5cQK-Na3voA&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=P6aBnV9QVkJZZEN0RTVPa01QVW9OJTJGaGZOTWdWNW8zcnE0WEZtUEtmUktaSWUwaDVDUTd2MUNLeW9GS1NwZTVKaVhieFFJUWl0MWEwc0hNWE5LRzJXeHlubWxHRjBBdG1TYnhOMzdSV1NvdGI5akNhZlEzenpCbXQ1OEVmMmVZM0xGNVglMkY5SURpUmtZWUg0TXJZNzhzZnlSckslMkZKT2Z4S3d5dG0lMkJDNDlsdUFaJTJCTHVYd2xYd2xEMDdYYzg2WG1yeGJiTjNl&u=700d98b1-f80e-4bfa-94a9-162845724717 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-n7bJEtEwd_kRiYavAaATRyMLvnic9mE3U45fFg

Request Chain 305

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=M5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q&u=219247319205787899&gdpr=0&gdpr_consent=

307 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
us.desenhopracolorir.com.br/
Redirect Chain

http://us.desenhopracolorir.com.br/
https://us.desenhopracolorir.com.br/

158 KB
32 KB

592ms
459ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856229b47d8a29dd99474b72c161622127b3cffaec36aa2dda4b10799888ceac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8e34282b081e6664-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 02:47:32 GMT
expires: Sat, 16 Nov 2024 02:47:32 GMT
last-modified: Sat, 16 Nov 2024 01:54:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWFs3aai7qvT%2BdH23wxgIx34tlkLf4nZjOWMU0yIBpanQm62SPefhcABtE07zfpYLHOcIXiHGSxvRz14SB%2Fpm6vPtcQUI6UZprpwT6X9cRIHfYMxJit4XMC1lFp7pYJEGFb1Q1fbg2hli9cTdcQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=11922&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2338&delivery_rate=347039&cwnd=253&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=466&x=0"
vary: Accept-Encoding

Redirect headers

Location: https://us.desenhopracolorir.com.br/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 cute-coloring-pages-printable-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/04/ 18 KB
18 KB 29ms
25ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/04/cute-coloring-pages-printable-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b7c704c828ca494c94ca9c978994cbaea107ceed006f3bf0b3b5f71d902cc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
age: 45339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FvMaFVcWAFHn%2B4SPT3Y8IOAYIS2wAmnhLiRF4oTg9wVyQfYXC8Uz6%2FXafED078KokyZuOkkGvlSr6ktHZFcvzZi02CsS2ldJSw3iu48SGM1bxxwewWpeH7Yy7zllPPGZRrIP3B0VuJDrJdQago%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 21:11:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=99&recv=47&lost=0&retrans=0&sent_bytes=99240&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=558&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: image/jpeg
last-modified: Mon, 08 Apr 2024 14:29:33 GMT
vary: Accept-Encoding
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59c56664-AMS
accept-ranges: bytes
content-length: 17932
server: cloudflare

GET
H2 200 761c3c4aa203885df40c9f5e0d2a4236.css
us.desenhopracolorir.com.br/wp-content/fonts/ 13 KB
1 KB 26ms
23ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/fonts/761c3c4aa203885df40c9f5e0d2a4236.css?ver=20201110
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c42d43a307933ea6279e4537f5d8a1b85545e5d2c67f920a8367afa2b3aee7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 175901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5AtdfV3WJidLCPOUi6cQyUqCpD0cFX7atJHOWqUSzpazDoZk2E4p07GIzv6BhLVElX553REKEn0GTHIl5oM%2FoKlSGd3Ng%2BSDBqn9pqzbAFHDiIRK6K9YNDqLQbHRxj0hVvxGKJ884ezO4MssseI%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
cf-polished: origSize=15940
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=42&recv=46&lost=0&retrans=0&sent_bytes=37184&recv_bytes=3487&delivery_rate=2842661&cwnd=257&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=557&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 09 Nov 2023 05:50:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e49bb6664-AMS
server: cloudflare

GET
H2 200 style.min.css
us.desenhopracolorir.com.br/wp-includes/css/dist/block-library/ 110 KB
21 KB 28ms
24ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/css/dist/block-library/style.min.css?ver=b5cef37ee28ccfe16a5bf46533ba5b0a
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbuWD5zZNf9MbH%2B2XEEu3wwMboai0lgjuWA7yFIw1Ex9FdzeVgIs5JLeEYw8m7MA7ERxclUCoP%2Fs1epbSrexCkNgCWWULoQTEQlvRj5wfF%2BUlNzltrEBdGiqz6wFZm04b69ek%2FN4uXeCAdlskz8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e34282e49bc6664-AMS
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=49&recv=46&lost=0&retrans=0&sent_bytes=40958&recv_bytes=3487&delivery_rate=2842661&cwnd=257&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=558&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 10 Sep 2024 17:42:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 cleantalk-public.min.css
us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/css/ 4 KB
2 KB 27ms
23ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.45.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec58cb4a348452b2adb64330901dc3ed98b3bf4f049f7e3e1f88f9256d9434c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 38384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTAGFTZZVcwQ3Ek96NRE50Nd%2Fot60YKKk8VlQhbVFA2Qu%2Bb5ItlaJ%2FQmetEKJkBw7gKGChAdb8kn2brto1WrlCu39QNPwjy44cRupwrcoobN%2BhGG2T2PKnirREQf9lUq2eRwFvWgmD8Ks%2BcPtoE%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 15 Nov 2025 13:25:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=45&recv=46&lost=0&retrans=0&sent_bytes=38763&recv_bytes=3487&delivery_rate=2842661&cwnd=257&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=557&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 15 Nov 2024 13:25:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e49be6664-AMS
accept-ranges: bytes
content-length: 1623
server: cloudflare

GET
H2 200 cleantalk-email-decoder.min.css
us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/css/ 2 KB
1 KB 40ms
37ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-email-decoder.min.css?ver=6.45.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42b014fd5dbebc651cf8c7ea7bdf76370de80c956f83c3f5f377cc4a47d4c0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 38384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jMNF5D9Hi6CuidFv4NqJckfK%2B96HXnvT5I0F3pGmlt0tHVEddC4537Uy%2FSS%2Fw07YSO6vxxi69hy1Txr1iGAguofe71DZ9q%2BfKosQVS%2BxkW0Pdc9kRkWzowkWRA3UII4yYZ3hK3LYc6HzhSSufc%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 15 Nov 2025 13:25:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=18200&cid=d9ea72c0a3f8cb49&ts=561&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 15 Nov 2024 13:25:00 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59c26664-AMS
accept-ranges: bytes
content-length: 792
server: cloudflare

GET
H2 200 dashicons.min.css
us.desenhopracolorir.com.br/wp-includes/css/ 58 KB
35 KB 27ms
24ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/css/dashicons.min.css?ver=b5cef37ee28ccfe16a5bf46533ba5b0a
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 63402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzT4bHBvKynze1oskb2PojaCICoqI9iD3WNVn6NCLBRX1l%2FENyjLYdShisLxFK7JXu8FgTxE%2FFFXbFpr5Jc1rPR5OAi0c1syI6krWfbGtJB3fqo5BxcAi6sjGDCfcYcV7PXJwyUhecYGfUcKy8Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e34282e59c46664-AMS
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=69&recv=46&lost=0&retrans=0&sent_bytes=62897&recv_bytes=3487&delivery_rate=2842661&cwnd=257&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=558&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 04 Mar 2021 05:46:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 thickbox.css
us.desenhopracolorir.com.br/wp-includes/js/thickbox/ 2 KB
1 KB 40ms
37ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/js/thickbox/thickbox.css?ver=b5cef37ee28ccfe16a5bf46533ba5b0a
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80eb607e673d011e040d3c7077f1698570746bbdd9e3753ec918562e7f010dc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkqvvajuIzB3IGBT%2BeLoFSM5Ut1ALoVklkDxNNV8ZZNW0z%2FIlJ%2BEio2oHnzDEtQdhiNMozSnD9%2BW3JiFmiQwn57KWYxGKIWTC%2FSZK73achdHNiq4zeCFcsGeAXoOJ0UBU59dhmpn4Q8P8mx9vzc%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
cf-polished: origSize=2659
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=16656&cid=d9ea72c0a3f8cb49&ts=561&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 26 Oct 2020 10:55:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59c66664-AMS
server: cloudflare

GET
H2 200 style.css
us.desenhopracolorir.com.br/wp-content/themes/tortuga/ 59 KB
12 KB 41ms
38ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/themes/tortuga/style.css?ver=2.3.9
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adbd560ca3517b2046d70dc6bbc3a35a4bc1e5d9cba8f71aad4f6becf4ff6bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZcGwXta4W5rLLngs1OD1Pc83XcVNlRmNw%2FjEI%2BoIOVD2AC%2FsszjYXkB94HgMpvjQO%2BNxSxNXcb68kG76ktijWRWb6VKkghJqWjfOBqfEyItPIyxT%2Fpgaus%2F%2FEA7jSVhNO4IBPxEEby5NxsHP9A%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
cf-polished: origSize=79517
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=21317&cid=d9ea72c0a3f8cb49&ts=563&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 25 Jan 2024 17:45:36 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59c96664-AMS
server: cloudflare

GET
H2 200 safari-flexbox-fixes.css
us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/css/ 272 B
619 B 40ms
37ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/css/safari-flexbox-fixes.css?ver=20200420
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2078b1fc26057bd40c39f4e55df28c39979d4ee64688a971dcdc2b8516827b5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FPjAC3utZ7B8IHGfAQRmhYdiF9feX2czBwqf1PT5lqSalAEISu0l4tVelgd8Zu2XXmG0AkbFQ04b%2BDNH86Ii29gyj7objLOlMddLM9eEhAWFaGrvuDjgeMcfWw%2FD5m4Tke9XanrgjfwdkY3%2FVY%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
cf-polished: origSize=470
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=19546&cid=d9ea72c0a3f8cb49&ts=561&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 25 Jan 2024 17:45:36 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59cb6664-AMS
server: cloudflare

GET
H2 200 addtoany.min.css
us.desenhopracolorir.com.br/wp-content/plugins/add-to-any/ 2 KB
1020 B 42ms
40ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 4817401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oL90UjtK7DHS8qu5JTnTqOKaUSBdvLqAmVwkMnuErd21CNhspNpQzCP1DDIXyAC8P3ci0VCWIeUQ2zbLmj93ToRSUu6btDIo0tedxJtRq75nAwPsvGAZMjfzb143B8gehcnYLLm%2BEJN9J9H%2BQZQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 20 Sep 2025 03:10:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=20231&cid=d9ea72c0a3f8cb49&ts=561&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 25 Jul 2024 15:48:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e59cd6664-AMS
accept-ranges: bytes
content-length: 544
server: cloudflare

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 49ms
24ms Script
application/javascript 104.22.70.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7980d9a797beb21fbeb086d8f294ad7b"
age: 13576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5%2FHrg9DhDKznr2fSN1y33DK%2Fu2iqv5Ccuz73nAALDpzlDztaaEuLjBKtgG7Gc3rxIjW14ZqWfDXx1ZMFsuoMBMMvE3hRquzofPK2D7gU7ArNLSX12QrAggc5fz0QGOR13RpSMm7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e34282effcc9fc6-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery.min.js Show response
us.desenhopracolorir.com.br/wp-includes/js/jquery/ 86 KB
38 KB 41ms
39ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 1888446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zupoughjyp4k58XwZzJMmxIg6F0Vyu7xMRsN6fbYIB7FI5j9FizAPu%2BN2IafgTWE8StkZWxryiOcfUmqCJmqQHfBDkErH83pW6g36uS3nrXuSYdFwGPHuEmg40UxEOuunLbObEveumdAQpfJ5go%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e34282e69cf6664-AMS
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=31901&cid=d9ea72c0a3f8cb49&ts=568&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 01:44:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-migrate.min.js Show response
us.desenhopracolorir.com.br/wp-includes/js/jquery/ 13 KB
6 KB 40ms
38ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HhpOGozGoVRCKGsTpSpBlqL%2Fs5rt81iPozDAdMcglSVukuEsixqHQ7Ikq%2FcOaQr82FnsK8YEpZYhr6nVXkjg9gY1U3DKGpMm22a7LbYmS%2Fl1A4Lgq6da3DwJF69Cavj81Uv21OvlkdMO%2Fk5R44%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=31901&cid=d9ea72c0a3f8cb49&ts=567&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 09 Jun 2023 14:19:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e69d06664-AMS
accept-ranges: bytes
content-length: 5422
server: cloudflare

GET
H3 200 addtoany.min.js Show response
us.desenhopracolorir.com.br/wp-content/plugins/add-to-any/ 129 B
835 B 26ms
22ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 4817401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuWBgGZvYWO%2F%2FtiSO8mYB4TTeTRb5uDvWSbLoaM2J5eCIGJk9s9zU6ngAXVOW%2FrekPdRN5uiOuGcL7Ft%2B22KC5S%2FZurPDLIB%2FK5UKf9eI2%2FRkON4%2BfO8IC48JbJvjRB0Q%2B8X3nwaCo7LjjKdPFM%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 20 Sep 2025 01:21:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=16&recv=17&lost=0&retrans=0&sent_bytes=5790&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Jul 2024 15:48:02 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8c91c77-AMS
accept-ranges: bytes
content-length: 126
server: cloudflare

GET
H2 200 apbct-public-bundle.min.js Show response
us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/js/ 83 KB
31 KB 41ms
39ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.45.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbb405d0bd321bbf62a29da6a2055344deb45afaab97a56e5c9db80d106cf99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 38384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJff77zxCu0jTzk2Fu%2FeFO1Ya6RT9KJ7uJFXsUiCvncLQrNdQyXUwK7%2B1bHZKIDpiOS%2B5D3zwH%2F9A5tWyUOzqkM8E5SWIXGy6ipvMDL5D2k%2B0BAf78u0gpIw3sRAS1BCrLq5tTVcWEeDzIloDSA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e34282e69d16664-AMS
expires: Sat, 15 Nov 2025 13:25:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=31901&cid=d9ea72c0a3f8cb49&ts=568&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 13:25:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK ct-bot-detector-wrapper.js Show response
moderate.cleantalk.org/ 382 B
733 B 76ms
23ms Script
application/javascript 88.198.153.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.45.1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.153.60 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: moderate3.cleantalk.org
Software: nginx /
Resource Hash: 68473113e3c97b3448acce1b980410fc237b2df36266ae6481f41cad00dd3df3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Cache-Control: max-age=315360000
ETag: "6707b299-17e"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: : *
Content-Length: 382
Date: Sat, 16 Nov 2024 02:47:32 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Oct 2024 10:55:21 GMT
Server: nginx

GET
H2 200 svgxuse.min.js Show response
us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/js/ 3 KB
2 KB 41ms
40ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/js/svgxuse.min.js?ver=1.2.6
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 63402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hE8EneHScNqm4pRFKp1AwWCUc81jxdP%2FPTIyrkgxxicJ6vp0zJsXY6JeIn95Nf4LgY9YkbUwW4pF4tgdoSHQiYk5Y90CdHfQyt6NPaYQjj1HsMWwS33FVoI4NdT%2BKGmYKwJIkFVFlypBtiWJQe4%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 14 Nov 2025 19:22:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12238&sent=103&recv=49&lost=0&retrans=0&sent_bytes=102860&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=30353&cid=d9ea72c0a3f8cb49&ts=569&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Jan 2024 17:45:36 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e69d26664-AMS
accept-ranges: bytes
content-length: 1320
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 369 KB
122 KB 108ms
55ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

290bbd18a349c2e75f3373e908f1278badd127fc9f3f86f66e7b164cdfa8f2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 02:47:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124113
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/18428866-913d-4cc6-920a-d3c0363e1f15/ 165 KB
39 KB 108ms
21ms Script
application/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/18428866-913d-4cc6-920a-d3c0363e1f15/plugin.min.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef21b3a4e9cb3a617bb52016555bdc4ecc3353f58783380c3e2d655e912b7270

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: accept-encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"3e562c7ef77c7a436edb95b277b94af5"
age: 55152
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bvT3y0Ism86Gv8TUe_OwEFbhN-eTU5jqSi1W97YLRNzouggVnw99Jg==
date: Fri, 15 Nov 2024 11:28:22 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 09:52:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
53 KB 76ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1124155844706179&host=ca-host-pub-2644536267352236

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

56ec598b83b6346e83ece33871fbeca5303d44ded56350440a9ece2fd49bfc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
etag: 17489807751067440038
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:47:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53856
x-xss-protection: 0
server: cafe

GET
H2 200 pub-1124155844706179 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 106ms
42ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-1124155844706179?ers=1

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

800613f83dd6a86ce650b60b405feae9f73ff74c9c535360585461e00bf5338f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V35JRZkEPqMlUcOL0OrIOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4pnnL7MuBOIiiSusDUB8u-kK62MgZvh6hZUDiIW4OY72P9jJJvDj_Fs2JY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MTPQPD-AIDANVdRHY"
content-security-policy: script-src 'report-sample' 'nonce-V35JRZkEPqMlUcOL0OrIOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 venom-coloring-pages-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/04/ 57 KB
57 KB 41ms
40ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/04/venom-coloring-pages-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb0fc3700ca8420ec1e80fb1781357ade7bf4eef92d7d1f119c510e0b61cad85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
age: 58863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDAx7J%2BKjISQlFAu2mvHIiB%2FafnpTQQMoM3IeyEdMo7PvIxwdbW7iZA8OGwe%2BjNlP7A4uAB4vUnR%2BQXzmAnBgpHx3nLOT2F6V67QtbebpyM6ALXoLyWeEtJZ8IAKj%2BvXxHGQYr9hh2xs2OiKt%2FY%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 21:11:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12300&sent=101&recv=47&lost=0&retrans=0&sent_bytes=101312&recv_bytes=4085&delivery_rate=2842661&cwnd=257&unsent_bytes=31901&cid=d9ea72c0a3f8cb49&ts=569&x=0"
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: image/jpeg
last-modified: Wed, 03 Apr 2024 12:33:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282e69d36664-AMS
accept-ranges: bytes
content-length: 57953
server: cloudflare

GET
H2 200 baby-yoda-coloring-pages-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/04/ 33 KB
34 KB 149ms
148ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/04/baby-yoda-coloring-pages-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35121a2b55aa9b50e1b68534f06fd8f5f80352c3c166fdcb7cd8de94c728c71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udwIjF5Qagh0M6nY6HYh2qIyLZgdQfAyX5XTx7zibp8H5MEU43v11DaMjrh%2B0si3RcD15cUZWhjoCFv6r9%2BLIBQcOTFyc2RL1b8bbyWu2XcLrXdOzjHEbNJKQL8TnEQND212SPElXOI2Jt7%2ByJA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e34282e69d46664-AMS
expires: Sat, 11 Jan 2025 20:09:11 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13231&sent=229&recv=110&lost=0&retrans=0&sent_bytes=271717&recv_bytes=4085&delivery_rate=7909657&cwnd=337&unsent_bytes=0&cid=d9ea72c0a3f8cb49&ts=683&x=0"
content-length: 34172
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: image/jpeg
last-modified: Tue, 02 Apr 2024 11:53:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nightmare-before-christmas-coloring-pages-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/10/ 26 KB
27 KB 139ms
138ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/10/nightmare-before-christmas-coloring-pages-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98b6f6f3d579405df2144f16c7fb5ee5a159034d2ca884b826f15e87acd9d57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UwfoByOv66Lxyket0ihgz1xskLtOoZ7DawqYhwV0%2B5C3FL0mUqAijnlEPSw%2Bts9gpZtloYNCMdqZYloFY0nM9XL5zQWoBy73KrpbkO6FqGBa74E7XyS8l6Pv7H48X07veBdvoq2ef%2FdO4eOEJCg%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 27 Feb 2025 12:05:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12929&sent=121&recv=66&lost=0&retrans=0&sent_bytes=119427&recv_bytes=9849&delivery_rate=3720589&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=195&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 11:54:57 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282eb8b71c77-AMS
accept-ranges: bytes
content-length: 26803
server: cloudflare

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 75ms
27ms Script
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=3
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 78444
cf-ray: 8e34282f1e4e06dc-AMS
apigw-requestid: BRZFpjLsjoEEJFQ=
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:00:07 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 226 KB
24 KB 79ms
31ms Script
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: ca6da7ab0791d17b6c746f5331e20435fb2566e3950bc85d67b2e9295132fdb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 55157
cf-ray: 8e34282f1e5106dc-AMS
apigw-requestid: BRZNvioUjoEEM6w=
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:00:58 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 74ms
27ms Script
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 78445
cf-ray: 8e34282f1e5006dc-AMS
apigw-requestid: BRZFrju_joEEMJA=
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:00:07 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 226 KB
25 KB 79ms
32ms Script
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=19
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: a304c48e151558af981854ec70650fa7fc8c8e669210823f8466455f525130a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 55156
cf-ray: 8e34282f1e4f06dc-AMS
apigw-requestid: BRZNvieQjoEEM0Q=
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:00:58 GMT

GET
H3 200 thickbox.js Show response
us.desenhopracolorir.com.br/wp-includes/js/thickbox/ 10 KB
4 KB 27ms
23ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12b6511c47cdeca6bef0fe2d4d12467729955fbead8dd00cd18f714d4b9ec90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5GgSg%2ByP%2FK0XCLC%2FDbEiRYBEtp6jbWYMNIOhZtBIjqIAHdmRZwSZoYyN2UWcJnX77maIZVlMnVM5FFFoN3%2BVffKNIqX6XkGuTGW%2B%2FbWzJmRe5TdAHm3oikIhhdXWUfszRwcFo%2BDVHNX%2F%2Fu7jgc%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
cf-polished: origSize=13332
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=21&recv=17&lost=0&retrans=0&sent_bytes=10889&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 16 Jul 2024 17:43:42 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8c51c77-AMS
server: cloudflare

GET
H3 200 navigation.min.js Show response
us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/js/ 2 KB
1 KB 25ms
21ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20220224
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb54bb4f86551b9a6cbee477777912d7f6cb8f12469bbf2423c29e1cb40deb9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQYOjvRCqPv6ZqRwpUFSsSfr5fdimeVWwWPB3vG3LmbwsG2cPjFS3QRyA%2F3WTpgMpGaWvE5oTmf%2BLFTgAFpft469ANfZN48cmna%2F2O%2BY1NWolG5%2Fb2LPtd3v5D1UYNLNQIji1J3wcL3l%2BhvcU6U%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=14&recv=17&lost=0&retrans=0&sent_bytes=4291&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Jan 2024 17:45:36 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8c61c77-AMS
accept-ranges: bytes
content-length: 710
server: cloudflare

GET
H3 200 googlesitekit-consent-mode-3d6495dceaebc28bcca3.js Show response
us.desenhopracolorir.com.br/wp-content/plugins/google-site-kit/dist/assets/js/ 73 KB
27 KB 38ms
34ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-consent-mode-3d6495dceaebc28bcca3.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-bgj: minify
cf-cache-status: HIT
age: 1888445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipyUx%2FkvIYutBKbU3XOFd%2FMoS0HA92A0rsl5ILbmRKOsuGLs6K6R79Th9PgdvpRSjzGfU9bizLwrp1g88PXIph%2F3TA%2F5iAAOxSBwJtAbAHWL%2BpuQ7QzlDAxPTIwpxK3AMxtuF0qUHaKlS94J44I%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=27&recv=17&lost=0&retrans=0&sent_bytes=16220&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=101&x=1", cfExtPri, cfHdrFlush;dur=7
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 05:44:11 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8c71c77-AMS
server: cloudflare

GET
H3 200 wp-consent-api.min.js Show response
us.desenhopracolorir.com.br/wp-content/plugins/wp-consent-api/assets/js/ 2 KB
1 KB 27ms
23ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/wp-consent-api/assets/js/wp-consent-api.min.js?ver=1.0.7
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb6c7358824cfc0cb6ebb6cc13224599ef3a4cb5ee44cc06367517c7b101e87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 230324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0QuP5EEuWDiEINwy7%2FdnmS1Px8KrRGJn5l2AJp05BTMK0bjx2V75D%2BiVTdfiqdl8wO7EMf6AgLfJ01dSL1eRu%2BiXlv4ACbO5rMN0y4HOVqeM8ZizjxLinrh3Kzwr9oPnkFzf4mxcYzL%2FmjYXDE%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 02 Nov 2025 08:51:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=25&recv=17&lost=0&retrans=0&sent_bytes=14778&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=99&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 May 2024 20:42:41 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8c81c77-AMS
accept-ranges: bytes
content-length: 693
server: cloudflare

GET
H3 200 lazyload.min.js Show response
us.desenhopracolorir.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 25ms
22ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1888443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zzakYS814YWo4eoBPqDHb4oRQH5VSreFwRJ0wVsmyxZP3E%2BrM9yDxmL7ILHN2hBBJkGfX1kHvm1aPNxxyX6tdAnKgr82H%2FouOlOjfZDvnrpBLBianvXa9bazGtJYLP8%2BfFXwoTM8tC4yJxS5Ps%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 09 Oct 2025 23:29:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=17&recv=17&lost=0&retrans=0&sent_bytes=6648&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2024 11:09:43 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8ca1c77-AMS
accept-ranges: bytes
content-length: 3444
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 54ms
22ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e34282f0c169fa8-AMS
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK ct-bot-detector.min.js Show response
moderate.cleantalk.org/1.1.26/ 16 KB
5 KB 23ms
23ms Script
application/javascript 88.198.153.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/1.1.26/ct-bot-detector.min.js
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.45.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.153.60 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: moderate3.cleantalk.org
Software: nginx /
Resource Hash: ee70c65b470fd058490aac2cfab543a6d465af9800f220ab1eaec11ddcf676ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Content-Encoding: gzip
ETag: W/"6707b1d3-3fd2"
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin: : *
Date: Sat, 16 Nov 2024 02:47:32 GMT
Content-Type: application/javascript
Last-Modified: Thu, 10 Oct 2024 10:52:03 GMT
Server: nginx

GET
H2 200 hotjar-3845466.js Show response
static.hotjar.com/c/ 13 KB
6 KB 110ms
49ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3845466.js?sv=5

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

faf6d6eadfda9ece1e218645609ae919f4192ed0a875519255e0af8bb8c61208

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/cabbc5786e5911b2d5fba2968c69c9e7
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: ENbIOt_OLQCr7nidVzHwgEG3NAVu8zRFT6FmnNlS4bYS-ex5fV-9_w==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 pub-1124155844706179 Show response
fundingchoicesmessages.google.com/b/ 11 KB
5 KB 87ms
73ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-1124155844706179

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e1c33b75a5f14be85e09bc910b506edf2dccc1052b85ced0405fa6b7f3481a96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tt4ipfizj9OosWGU8F0gzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-KZ5y-zLgTiIokrrA1AfLvpCutjIGb4eoWVA4iFuDmO9j_YySZwoXOvmJJGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoaGhiZ6BYXyBAQD_qUjv"
content-security-policy: script-src 'report-sample' 'nonce-Tt4ipfizj9OosWGU8F0gzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
72 KB 32ms
32ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PR9C3B3

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

894ea5ddd71b0df4e8c7df3456c7dd9674fc13612e4d14a1c7827d8f6959dfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 16 Nov 2024 02:47:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 73326
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 4 KB
2 KB 77ms
19ms Script
application/javascript 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V3
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control: max-age=900
content-encoding: br
etag: W/"2f952b6e5c723f68a451eda821ff0ce5"
age: 1
cross-origin-resource-policy: cross-origin
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: XKEpAUuQQZMOjYs6Ubex3lMZamNTMGFE3EyxLPE93YIAgFhMgJk_Og==
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: application/javascript
last-modified: Mon, 01 Jul 2024 09:12:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256

GET
H3 200 genericons-neue.svg
us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/icons/ 27 KB
10 KB 48ms
47ms Other
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/themes/tortuga/assets/icons/genericons-neue.svg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HktFab0dWeFHJLX9KTdlifyrXAnTMMNCko9nJiOx2BmPzNL21Wr4ejIG5LTAk3BlJs77IXEJRRQ08DLryD68hE2J3JptkDg0sPPoz9KabrAOabJ2GE1cjkpWAiIF4rgnAosMXjyhCcq9m%2F%2Bmvzs%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 18:01:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11821&sent=27&recv=17&lost=0&retrans=0&sent_bytes=16220&recv_bytes=6937&delivery_rate=740&cwnd=12000&unsent_bytes=0&cid=a884448120ec1f81&ts=99&x=1", cfExtPri, cfHdrFlush;dur=11
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Jan 2024 17:45:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ed8cb1c77-AMS
accept-ranges: bytes
content-length: 9754
server: cloudflare

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da77f67aaa0f8941d015f153a11b85d056eb1624dfc4ff88f7552d335dfd4a8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
us.desenhopracolorir.com.br/wp-content/fonts/open-sans/ 47 KB
48 KB 24ms
23ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/wp-content/fonts/761c3c4aa203885df40c9f5e0d2a4236.css?ver=20201110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/wp-content/fonts/761c3c4aa203885df40c9f5e0d2a4236.css?ver=20201110

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVRpI%2F5iaHgMbD5iqYvyN6H5vrI3BNX0iv8oblYgoqb363j%2F5fuiJw7WbDe2UdeZReeOflbGHAt%2B59Df2WaFxd2zM8jsaRkru8GNoMkWEhFtp7y9zydxdHri7g5Ewg1r0MhFOnVm6RjdiEVCCmI%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 18:01:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13061&sent=63&recv=34&lost=0&retrans=0&sent_bytes=55607&recv_bytes=8433&delivery_rate=546494&cwnd=37200&unsent_bytes=0&cid=a884448120ec1f81&ts=123&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: font/woff2
last-modified: Thu, 09 Nov 2023 05:50:57 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ef8da1c77-AMS
server: cloudflare

GET
H3 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
us.desenhopracolorir.com.br/wp-content/fonts/titillium-web/ 12 KB
13 KB 26ms
24ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/wp-content/fonts/761c3c4aa203885df40c9f5e0d2a4236.css?ver=20201110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/wp-content/fonts/761c3c4aa203885df40c9f5e0d2a4236.css?ver=20201110

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 142451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlDcatjb8k3A30544kUhOxn6UMdd5244cmYDD%2BB0v7%2FMtOYr%2B2VbTr%2BK4qW5nBy2gzk7GcK6EkZMjp%2BPNVGLN6Oe4rWuRAOj7ObIRV8wJASR5%2BJsmll9rqvnag50HtLSCR9sDCLu3U7F%2FkTDrok%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 18:01:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13061&sent=79&recv=34&lost=0&retrans=0&sent_bytes=74052&recv_bytes=8433&delivery_rate=546494&cwnd=37200&unsent_bytes=0&cid=a884448120ec1f81&ts=124&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: font/woff2
last-modified: Thu, 09 Nov 2023 05:50:58 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e34282ef8db1c77-AMS
accept-ranges: bytes
content-length: 12400
server: cloudflare

GET
H/1.1 200
OK metric
metrics.biddertmz.com/ 0
0 495ms
30ms Fetch
text/plain 34.248.22.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.biddertmz.com/metric?s=123585&f=3&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.22.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-22-168.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: text/plain, text/plain
Server: nginx/1.12.2
Access-Control-Allow-Headers: Content-Type, Accept

GET
H3 200 lib_adagio.js Show response
cdn.themoneytizer.fr/ads/ 2 KB
1 KB 53ms
26ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.themoneytizer.fr/ads/lib_adagio.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-cache-status: HIT
x-amz-version-id: qvYhA6q9SmHJElAJ4hWBgTd.Ag0_5M8x
etag: W/"f2ae4810b618b8843df5265f6320f1a4"
age: 606368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mw2owLErLDC0hA7agzoZR%2FJam0rhvAXFthRKJZGrVcd%2BUtfTAa68iEzpHQo6DYkFmKlHE6E8xk0SqWGcpYQQFmc14LAI45amIyjTzVKexhcoUHL8MrjJo4Q3SmDcdtkGXp66ANsJ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12283&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4158&recv_bytes=4342&delivery_rate=48419&cwnd=12000&unsent_bytes=0&cid=39b229f65815550a&ts=31&x=1", cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
last-modified: Wed, 05 Jun 2024 18:28:25 GMT
vary: Accept-Encoding
x-amz-id-2: yn9y2hoN8hE7PKts6jPy7KtmYdCZfH3uXyuz0EqmTuNbEtaOjKUeNO1q8O33x9wO9lb2mEFgriJWNzyxU449xOfhkGKUZVnF
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1QNW5XKR519TJ8JM
cf-ray: 8e34282f8b19d0b5-AMS
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 64 KB
22 KB 97ms
21ms Script
application/javascript 95.101.27.200
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a95-101-27-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c31254da2ad54748765a19d5692b27bafe5de49e5d766d7f9a46509c4c62ef84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Cache-Control: public, max-age=7200
Content-Encoding: gzip
Connection: keep-alive
Expires: Sat, 16 Nov 2024 04:47:33 GMT
Content-Length: 22573
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
739 B 48ms
15ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=3600
content-encoding: gzip
server-processing-duration-in-ticks: 244079
expires: 60
date: Sat, 16 Nov 2024 02:47:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2 204 /
onetag-sys.com/usync/ Frame 0699 0
0 84ms
26ms Document
text/plain 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1731725253015

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 latest.js Show response
static.kueezrtb.com/ 1 KB
1 KB 68ms
26ms Script
application/javascript 172.67.21.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/latest.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e0debffbecd2ab5fc5e4840b6b83f7878c82cb8ae71ee68088d738e82e250a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"cf6175a82cdf2cd926d65fc8d228552a"
age: 977552
access-control-allow-methods: GET, HEAD
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 27 Oct 2024 17:59:36 GMT
x-amz-id-2: hbtZqSdlULHNSQf0u4K6J+u/7BgGre+RiHL72aibrGRyytUdp9p6XMa5qb/CDSOXiPzUNT4hREk=
cache-control: max-age=31536000
x-amz-request-id: 55TM20GFF5RHZ9PM
cf-ray: 8e34282fabf7d5a3-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 99ms
22ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Sat, 23 Nov 2024 02:47:33 GMT
accept-ranges: bytes
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 px.js Show response
p.cpx.to/p/12769/ 6 KB
6 KB 94ms
27ms Script
application/javascript 34.242.55.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12769/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.55.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-55-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd2e3e179ebca8c6291623d3a6375c8452a603ef3e9c5775066cab914dd512eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=7200
content-length: 6258
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8

GET
H2 200 d04800bd-6691-49f2-bfda-0362acfc7af1 Show response
boot.pbstck.com/v1/tag/ 1 KB
932 B 164ms
126ms Script
application/javascript 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/d04800bd-6691-49f2-bfda-0362acfc7af1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de960e06c174b1fe4e3468e82c837837bcff542a5600369f68e45108fc7e954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public,max-age=1200
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 8e34282fe9630e70-AMS
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 693
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 02:47:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK mailNotification.php Show response
adtrack.adleadevent.com/ 0
859 B 160ms
28ms Script
application/x-javascript 34.251.239.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.239.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-239-3.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 20
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/x-javascript
Last-Modified: Sat, 16 Nov 2024 02:47:33 GMT
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/ 434 KB
144 KB 60ms
59ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1124155844706179&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

37229acb67f87ce4eba0b005f8270fca4e20b191cb9a20fcea466b52938d33a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
etag: 5443892945211978267
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:47:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147427
x-xss-protection: 0
server: cafe

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 9A2B 0
0 41ms
25ms Document
text/html 104.22.71.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 5270
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8e3428302c39426c-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 02:47:33 GMT
last-modified: Sat, 16 Nov 2024 01:19:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hyXYOrarZPhuWoGoNLHXWibDXDOhF4EqqYOTntAtf3eJht3bVC0PtVgLHutYk39Wq9jn1XdTv4wmHChaXoPp%2BhYU%2F4sPbFo1dooKae2CAzaGyVXpDeciv9pZIazfiGrmUVyBzpYG%2FLHJ33bxs2hNrPF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H/1.1 204
No Content frontend_data
moderate.cleantalk.org/api3.0/ Frame 0
0 66ms
22ms Preflight 88.198.153.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/api3.0/frontend_data
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.153.60 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: moderate3.cleantalk.org
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://us.desenhopracolorir.com.br
Access-Control-Max-Age: 86400
Connection: keep-alive
Date: Sat, 16 Nov 2024 02:47:33 GMT
Server: nginx
Vary: Accept-Encoding, Origin
X-Server-IP: 88.198.153.60

GET
H3 200 core.m4v434v2.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 53ms
28ms Script
application/javascript 104.22.70.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.m4v434v2.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"a4f330a2c6b3bd08f77e32260990108f"
age: 24777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zFqrYj90EIkbf8civQTeEmGL%2B92t%2Fs6vcyDioczRF3SnPfgUWJTBG0weuLkuuu%2FS8jO5H9et0dZ9sJgiRi1uxf00HWmRKs80MAUV8OdJvo9X1BnXtPol22uiJY3rPw3M0pXVO2I"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e3428303cdb656d-AMS
access-control-allow-origin: *
server: cloudflare

POST
H3 200 apbct_get_pixel_url Show response
us.desenhopracolorir.com.br/wp-json/cleantalk-antispam/v1/ 83 B
1 KB 1357ms
1357ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.desenhopracolorir.com.br/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.45.1

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40e4ed9778159429d6bb78be591a90b5b79554e97a2c3c232350fb2365d83b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-WP-Nonce: e553f1fa33
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4uWV3LeoHtRKKrhDw25pjEfb5B4Y6fcKqQeZh7Y08ONsF1w42qReFqZGITsUTADspcn5Ll4v5wv%2FIx83uWMVeT3UAD9ugyi0I3UKMQDhU58WehoU4IU5pq9Wi2wRqJSxmvQ6oUNin6lgGxYMcI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
expires: Sat, 16 Nov 2024 02:47:33 GMT
x-wp-nonce: e553f1fa33
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12201&sent=225&recv=108&lost=0&retrans=0&sent_bytes=221310&recv_bytes=36286&delivery_rate=238011&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=1631&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin,Accept-Encoding
priority: u=1,i
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://us.desenhopracolorir.com.br/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
allow: POST
cf-ray: 8e34283019581c77-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 98
server: cloudflare

POST
H3 200 apbct_set_important_parameters Show response
us.desenhopracolorir.com.br/wp-json/cleantalk-antispam/v1/ 4 B
953 B 1320ms
1320ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.desenhopracolorir.com.br/wp-json/cleantalk-antispam/v1/apbct_set_important_parameters

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.45.1

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-WP-Nonce: e553f1fa33
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAt6OLJKP%2BHt%2FqZ30TAzI6bcG6RY5i1rYHLxktEPC57sH%2BWFuRSJvmblL04hfl4oySPUlX5uzaFlWAaHfT8jldl9vAnAEUaSgB7PNsU%2BRh7IsLAAVMdL%2B%2Bo5wCAfca7w9oJEb6QiIQfMvUIvgvE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
expires: Sat, 16 Nov 2024 02:47:33 GMT
x-wp-nonce: e553f1fa33
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12303&sent=220&recv=106&lost=0&retrans=0&sent_bytes=217017&recv_bytes=36196&delivery_rate=44345&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=1597&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin,Accept-Encoding
priority: u=1,i
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://us.desenhopracolorir.com.br/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e342830195a1c77-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 24
server: cloudflare

POST
H/1.1 200
OK frontend_data Show response
moderate.cleantalk.org/api3.0/ 153 B
361 B 25ms
25ms XHR
application/json 88.198.153.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/api3.0/frontend_data
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/1.1.26/ct-bot-detector.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.153.60 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: moderate3.cleantalk.org
Software: nginx /
Resource Hash: ff1def3c7229ace2c1b93090fa56158b014521855e32768eceb3f0e2c52a53d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

Access-Control-Allow-Origin: *
X-Server-IP: 88.198.153.60
Content-Length: 153
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/json
Server: nginx
Connection: keep-alive

GET
H3

200

main.js Show response
us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 06B8
Redirect Chain

https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

19ms
18ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e771f03016475cfaf60f03d8f7b402058fb8f08824d775cc7ecb0228e58eb457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjOS7oqHLGk1tFhbqskpTiC%2BSgFsSmVK3EH0Kp7KtgcYzr0hC%2Bkz5nvnYoGA5gGFgixf9tIBLRT3Hko7CaIbr7Ug9Yz%2BotmOi0JHbZIUrikXZpbP0WRgPGBV5T63cbwqoxsnNqvRYaU12q64HNs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e342830d9b91c77-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12602&sent=152&recv=77&lost=0&retrans=0&sent_bytes=148385&recv_bytes=12790&delivery_rate=28025&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=418&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTqTEpS9Ea0TW2VXwgm0qCdeSNwlADvLZh%2BwS8%2FjnzEfEhmMBMIyRtP5ty6NXMiMf%2FCE7wHlqDRUkkMD%2BwF8l7W69AxjdeAdw4%2FuGbnUXW0%2F0082Lw3BfDj61qyPs81dhAAfE%2FIolgfpELr1wHo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e342830195e1c77-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=12599&sent=148&recv=72&lost=0&retrans=0&sent_bytes=147588&recv_bytes=11035&delivery_rate=2360326&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=298&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
44 KB 19ms
19ms Script
text/javascript 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dd1b4e7e2c6ebfd815d4cdf497a829b83e9d30089e9f2cc35830594b78ffd39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"94ecd40669c01b7176fa0a4ffcf3fe8e"
age: 138851
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: VyVgcp_T_9cIQDKvBS0GDvLAGV_fYR3rsfDMO0PJa9PbiEbE1dMOkQ==
date: Thu, 14 Nov 2024 12:13:23 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
cache-control: max-age=172800
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 204 AGSKWxXqy05FmntW2u-j6VElJuYOeNxg0ertQgbfR-_sdAMh5OmB44Kc5JdT3gkrHcm0gy2ntotlHfkQbqNbbgTOeuFj1A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
33ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXqy05FmntW2u-j6VElJuYOeNxg0ertQgbfR-_sdAMh5OmB44Kc5JdT3gkrHcm0gy2ntotlHfkQbqNbbgTOeuFj1A==

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LpHJxdvv_iZ-Q9pKlDjE2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uY42v9gJ5vAgVfncpRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhoYmegWl8gQEANTEpBw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LpHJxdvv_iZ-Q9pKlDjE2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 hotjar-3556503.js Show response
static.hotjar.com/c/ 13 KB
6 KB 50ms
49ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3556503.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PR9C3B3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

bb5d341d00ee38f1c997d1c0f2955ec10a5280ceb4a64be18ba67f3f98a6718c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/2cb850b7958ddd2f3d7ac3ee970dac5d
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: JFdMeYVsocUp6hDa-zuINr7Mk7L5PGO1C8aaQQG14ouFtOywi2MAbA==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1328113/ 71 KB
22 KB 214ms
178ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1328113/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PR9C3B3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f239133f60f8d6b128425c23305e66f28860229ce96ec2381e0a897560280e81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
etag: "22138f5100b41ba95c70a03abb0173e4"
x-amz-version-id: .ze0KpuatE5jLfTzuNnTtGXKgrW4rA8w
age: 0
x-cache: HIT
date: Sat, 16 Nov 2024 02:47:33 GMT
last-modified: Sun, 10 Nov 2024 11:06:36 GMT
x-served-by: cache-ams2100126-AMS
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: At5UdBM4A655dvk3KFP+/ztCQsxxIANI7N+msm9B/Z+PW41QjA7ISIQXnKHiFk/jLZXzACe0GkaT5tVHO9f9Vn1PycZy8UFetEm2k6rbWJ4=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1731725253.230159,VS0,VE166
via: 1.1 varnish
x-amz-request-id: 1WDH9B826GJG3FPP
accept-ranges: bytes
access-control-allow-origin: *
abp: 53
content-length: 22046
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 369 KB
121 KB 38ms
37ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB&l=dataLayer&cx=c&gtm=45He4bc0v9132039829za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PR9C3B3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9cd9e0db487bfe6128582f019ee08bc2a49de8019437b6f09535cd32955b7c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 02:47:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124146
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 74ms
20ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3845466.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 995255
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yOK5LENjElHsvaPCc6e83wtcBH-PqxgkTsnbjn4xLqZ0TBRWsHTNTA==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: FRA56-P4

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 79ms
26ms Fetch
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WSVJYTF9TJ&gtm=45Pe4bc0v9170589776za200zb9132039829&_p=1731725252918&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&gdid=dZTNiMT&cid=1926116987.1731725253&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731725253&sct=1&seg=0&dl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&dt=Coloring%20Pages%20-%20%2B%209.000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1060
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 loadingAnimation.gif
us.desenhopracolorir.com.br/wp-includes/js/thickbox/ 15 KB
16 KB 27ms
26ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
age: 5434506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRdAMMpsiAl9nI5wCBkSV%2B8HL7kzAyQgygZKdGHQ3dTyjPCphXYgmnP0w%2BvS9vFRZZXR0%2F0w74Dc0l4PhII3TThgmGqOArW99WkvakeI90jFZp3A5ZaO9xGp2qsAyOV9x9albm01Fl1fDEKo5fQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 18:01:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12602&sent=156&recv=77&lost=0&retrans=0&sent_bytes=153035&recv_bytes=12790&delivery_rate=28025&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=419&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: image/gif
last-modified: Tue, 06 Nov 2012 04:30:16 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e342830d9b41c77-AMS
accept-ranges: bytes
content-length: 15238
server: cloudflare

POST
H2 204 dye
track.kueezrtb.com/ 0
143 B 155ms
113ms Ping
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.kueezrtb.com/dye?_=1731725253248&type=latest:boot&ac=2&acm=g3l&h=us.desenhopracolorir.com.br&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&beacon=1
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283119e89fd0-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare
access-control-allow-credentials: true

POST
H2 204 dye
gtrack.kueezrtb.com/ 0
143 B 162ms
123ms Ping
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrack.kueezrtb.com/dye?_=1731725253248&type=latest:boot&ac=2&acm=g3l&h=us.desenhopracolorir.com.br&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&beacon=1
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342831192766c1-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare
access-control-allow-credentials: true

GET
H2 200 latest.js Show response
static.kueezrtb.com/js/ 69 KB
32 KB 54ms
24ms Script
application/javascript 172.67.21.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/js/latest.js?_=1731725253248
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.21.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abcd54edb9ddb60008817b9e837daf6a3c4c4ba46463ffd75f9330594d40535e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"ca1aaae54fdd09f2d86da4f3a3e27480"
age: 1202518
access-control-allow-methods: GET, HEAD
x-amz-request-id: R58K6GSZTF4DFSY8
cf-ray: 8e3428310f4e9fba-AMS
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
server: cloudflare
last-modified: Tue, 22 Oct 2024 14:23:45 GMT
x-amz-id-2: xa5Nlyo2EQj/4RAND0HbHJ6otfMnm7VldE1vIH2NGIJ0I2oxsC7mquPzo20K9iK+cY60fv1NgEQ=

GET
H3 200 lego-coloring-pages-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/09/ 24 KB
25 KB 142ms
141ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/09/lego-coloring-pages-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec584e40e717d0a3faa43400df93d252738bc3c3805137ee2145a7fe3e2a382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d9yBHURLHxgDoCh2cTGmKAFNHLX5DNGts%2F20lwRbxaN1v8bOqFKniLFxRYQtRA2voPajnXo3RTQkATXfkKdQTDJSQXhhE9OXGeq1N0kr4oe%2Bl0jljWj1Aa8MjwXiwhQbnnvI0kCiRh9Xd7xKmg%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 14 Mar 2025 12:49:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12737&sent=188&recv=79&lost=0&retrans=0&sent_bytes=189932&recv_bytes=12879&delivery_rate=858464&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=544&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: image/jpeg
last-modified: Sun, 22 Sep 2024 06:18:33 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e342830e9bb1c77-AMS
accept-ranges: bytes
content-length: 24433
server: cloudflare

GET
H3 200 minnie-coloring-pages-00000-900x400.jpg
us.desenhopracolorir.com.br/wp-content/uploads/2024/09/ 19 KB
20 KB 134ms
133ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2024/09/minnie-coloring-pages-00000-900x400.jpg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513d3e865a9976b6d9d208422ff3251206c1c06dc00d1fa188ec4c359b28e5cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BlPqqLlLzJ3cEek0lDN5p9HFS89slTqL25myTsmsL5OvDDtnZy%2Bl3t24V9G%2Buke2gpuwGNZiOlHW7W6K0XvdPU0rqq5ri%2BbKUdKhU19uL%2BYSl8sb1cXuaGt2NLXh9X4r3E%2FOcwUYmAth5tjJ8YA%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 20 Jan 2025 04:27:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12737&sent=170&recv=79&lost=0&retrans=0&sent_bytes=169303&recv_bytes=12879&delivery_rate=858464&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=536&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: image/jpeg
last-modified: Sun, 22 Sep 2024 04:16:14 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e342830e9bc1c77-AMS
accept-ranges: bytes
content-length: 19479
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 87ms
50ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/18428866-913d-4cc6-920a-d3c0363e1f15/plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e6891b9821bd5d36835e7fb9b8713e2e0d4347ed562e3c6b0d1364f79db8ba42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
etag: 365 / 20043 / m202411120102 / config-hash: 13223844563403868853
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:47:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33865
x-xss-protection: 0
server: cafe

GET
H2 200 prebid8.20.7.js Show response
get.optad360.io/assets/js/ 457 KB
155 KB 21ms
20ms Script
text/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/18428866-913d-4cc6-920a-d3c0363e1f15/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 114b3f4b60c4f118cadbe967416f0099fd19980a1eb8cc9bfce9b20f535c0927

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=360000000
content-encoding: gzip
etag: W/"264ed06566508c2d72f96049dd828446"
age: 2604281
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: AQAfNhBuNqsVZ5N0uhZeZaNaQjTtephnx-CHd0JoES_aCW3pJu0rqA==
date: Wed, 16 Oct 2024 23:22:53 GMT
content-type: text/javascript
last-modified: Wed, 19 Jun 2024 14:50:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 91ms
19ms Image
image/svg+xml 65.9.66.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=360000000
content-encoding: gzip
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
age: 5169073
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: wu1mQh0oebzlgvEcJ9erpYmKm_W6SRqe0rYt4osdW_uyBSs4Tmhbmw==
date: Tue, 17 Sep 2024 06:56:21 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 68ms
19ms Script
application/javascript 18.66.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-57.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
age: 3067
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: EFQOmRqCoGBdgKZ-YZvb9Q7T7eoZXDDi9SPO8kBpiz2GICa2HPqylw==
date: Sat, 16 Nov 2024 01:56:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
325 B 54ms
18ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: hiQk3ZPw6N6fgIt7E0xQtUJcHIA4BUFD80-BWELVtzrQXVg8kb7MjQ==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 user-sessions-b6ed2f5.js Show response
cdn.pbstck.com/ 38 KB
15 KB 169ms
131ms XHR
application/javascript 172.67.25.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/user-sessions-b6ed2f5.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d04800bd-6691-49f2-bfda-0362acfc7af1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07615b49d861c736c7e81e551e2043bda308d20edf7517f24280283c9ab3bbf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: MISS
etag: W/"9027c42100e8c3cae398170112fbce0d"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 16 Oct 2024 10:32:07 GMT
x-amz-id-2: KVE0CLZkoAN2dpsbGI49yB4zTXEnuTl4Lo1a1QyEjvPrFZczbN4V6FcAtKM4ynE54gFvd4/RtQhXTX0FTCQ8ZsVu8mTkYyYjxxSMceUnPj4=
cache-control: public,max-age=31536000,immutable
x-amz-request-id: STYCN1P348J3259Z
cf-ray: 8e3428316b71286b-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 collector-eae2d9d.js Show response
cdn.pbstck.com/ 83 KB
27 KB 165ms
127ms XHR
application/javascript 172.67.25.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-eae2d9d.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d04800bd-6691-49f2-bfda-0362acfc7af1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c40122142b9f808329f491cdb14348a4d5fd223e22f6f9505fed26d796b541

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: MISS
etag: W/"e2ab5ce637a59bedd632b513f4a1a404"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Oct 2024 09:32:15 GMT
x-amz-id-2: iViBrMCBErW/cAvgfnAbN0uVu9cCEa1RKhqkZRdnk19PD+YR+fokBjKyMjCpyOBwhq5zBhlahArMAVupV3xoK36FcTz+XWvcTPiltFj7XzY=
cache-control: public,max-age=31536000,immutable
x-amz-request-id: STY7RRHBHW3A59E0
cf-ray: 8e3428316b72286b-AMS
access-control-allow-origin: *
server: cloudflare

POST
H3 200 8e34282b081e6664 Show response
us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 06B8 0
1 KB 26ms
22ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/8e34282b081e6664
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxCzYjY42MKOuZDGuUtZZn4nMSUIu0t7XIhUsgcAY2QjwCyJrYXbrIZFuDjJwBayti5BkQQ81YK1yUjsg48ERJol6%2BJn6fJLhVH5Aixe8yOdMi7FRNXAxqDdzZAKwuyKuqoSxcSyU3Gl%2FCYhZho%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e342831ca3e1c77-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12395&sent=214&recv=99&lost=0&retrans=0&sent_bytes=215694&recv_bytes=30360&delivery_rate=3955797&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H2 204 3845466 Show response
vc.hotjar.io/sessions/ 0
233 B 97ms
44ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3845466?s=0.25&r=0.0010267104643322256
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: byESxG6DweVV3BFM2GyvwVM0qCWBKpmf0uIGcv3NZBTlV_Ih1SLtAA==
date: Sat, 16 Nov 2024 02:47:33 GMT
x-amz-cf-pop: FRA56-P5

POST
H3 200 collect
www.google.com/ccm/ 0
0 66ms
27ms Ping
text/plain 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1886515719.1731725253&auid=2070183189.1731725253&npa=0&us_privacy=error&did=dZTNiMT&gdid=dZTNiMT&gtm=45Pe4bc0v9170589776za200zb9132039829&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&tft=1731725253450&tfd=1270&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030473612/ 5 KB
2 KB 43ms
43ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030473612/?random=1731725253241&cv=11&fst=1731725253241&bg=ffffff&guid=ON&async=1&gtm=45Pe4bc0v9170589776za200zb9132039829&gcd=13l3l3l3l5l1&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Coloring%20Pages%20-%20%2B%209.000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print&did=dZTNiMT&gdid=dZTNiMT&npa=0&us_privacy=error&pscdl=noapi&auid=2070183189.1731725253&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

948b85b5a5a67cc3b7e6cfa5a31001ef74e3ccc909e3a4f087f63bf3d2b0de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2396
date: Sat, 16 Nov 2024 02:47:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1030473612
td.doubleclick.net/td/rul/ Frame 1D4D 0
0 84ms
35ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1030473612?random=1731725253241&cv=11&fst=1731725253241&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe4bc0v9170589776za200zb9132039829&gcd=13l3l3l3l5l1&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Coloring%20Pages%20-%20%2B%209.000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print&did=dZTNiMT&gdid=dZTNiMT&npa=0&us_privacy=error&pscdl=noapi&auid=2070183189.1731725253&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
707 B 75ms
19ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12769/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
an-x-request-uuid: cfbe9b87-331e-403c-a5f5-176d3c451d9d
content-length: 11
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
430 B 94ms
29ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12769/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: a1ef4f33ffddad22e458e450c66eac8a92e36b7707e9826608c27cb17bfe7f6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Mon, 16 Dec 2024 02:47:33 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 20ms
19ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: ybVvPSG5cCLnIpU_2KtBlnm1-ffXsRAHjdgUtaK3a_BFkKg5LqqGDw==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 38ms
18ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: bUL4_K_p9qUBzhUxFe4etpKMmISXHtONGqMsB-rCtGC3SdbG297z-w==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 57ms
18ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: avaqJMe_9hIIfFbxfiYhzy1oBO0sEVc5g6cgg5GJnWq8lUZjSVn0pg==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

29ms
29ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-length: 70
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: image/gif
server: Kestrel

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
p3p: CP="CAO PSA OUR"
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 44ms
12ms Fetch
application/json 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241116

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a0f2305c29046008bcf792218eaa73aa7e2920cdd72ac20a77487c26d9711e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"639-TwyHwIzb6D5AKfYOIkz13TxHTCY"
age: 38803
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-ams21048-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 839
x-jsd-version: 1.0.2241

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 64ms
24ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Age: 58888
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOToWRK8GDGG5i%2BiGf90a837ejPO6FdOarLvitSMwyQIDFDNSo4KzE2SSkjkV73aHEhs%2BIB7fXxNwzooiz8vvZcYijdz9XC4FF1a4KfKHxcCCdTcd1NO48j69XzgxIFU"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=11684&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3460&recv_bytes=2278&delivery_rate=354580&cwnd=252&unsent_bytes=0&cid=a9a72963a5c87b9a&ts=30&x=0"
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Nov 2024 09:54:58 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8e342832ccec41ae-AMS
Server: cloudflare

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
424 B 83ms
29ms Fetch
application/json 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
182 B 57ms
14ms Fetch 163.5.194.37
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:32 GMT
x-envoy-upstream-service-time: 0
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
190 B 55ms
14ms Fetch 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 238ms
237ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b8131c7a064bf2576af12a7ec57ce1d429443024756fe64460a172d3256b4c38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
an-x-request-uuid: 9e50130a-eb1d-4379-a4b9-bfae04364cbf
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
182 B 142ms
45ms Fetch 212.77.99.29
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

accept-ch-lifetime: 604800
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
server: nginx
access-control-allow-credentials: true

GET
H2 204 dye
track.kueezrtb.com/ 0
30 B 117ms
115ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:preinit&_=1731725253581
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832fb279fd0-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 120ms
119ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:preinit&_=1731725253581
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832faa766c1-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 204 dye
otrack.kueezrtb.com/ 0
31 B 119ms
111ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:preinit&_=1731725253581
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832faab66c1-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 118ms
117ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:noop&_=1731725253582
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832fb299fd0-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 122ms
121ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:noop&_=1731725253582
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832faa866c1-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 204 dye
otrack.kueezrtb.com/ 0
30 B 114ms
107ms Image
text/plain 104.22.34.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=1b10b809b6cf226&sid=aa7b2879eab3c008&pvi=7d755848444bdd5e&h=us.desenhopracolorir.com.br&wh=1600x1200&b=Chrome&bv=130.0.0.0&dev=&os=Linux%20x86_64&p=&uri=%2F&furl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&sr=1600x1200&type=latest:noop&_=1731725253582
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.34.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342832faaa66c1-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame AAD7 0
0 60ms
19ms Document
text/html 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fus.desenhopracolorir.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KFL2ZBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 45994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 14:00:59 GMT
expires: Sat, 15 Nov 2025 14:00:59 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/ 489 KB
152 KB 31ms
30ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
etag: 17605025942849661478
age: 35931
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 16:48:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 15 Nov 2024 16:48:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155155
x-xss-protection: 0
server: cafe

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
279 B 46ms
12ms Fetch
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1328113/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1731725254.676927,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-ams21067-AMS
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1328113/trc/3/ 2 KB
2 KB 41ms
33ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1328113/trc/3/json?tim=1731725253653&data=%7B%22id%22%3A244%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731725253635%2C%22cv%22%3A%2220241107-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fus.desenhopracolorir.com.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-hobbylandbiobrgmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22TcfApi%22%2C%22cbpv%22%3A%222%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731725253652%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fus.desenhopracolorir.com.br%2F%22%2C%22tos%22%3A14%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1328113/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6352c8794d89d858481a7925b3bc09af4654071346d6db5e2501a37249f16ea7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-ams2100126-AMS
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 867
x-timer: S1731725254.669855,VS0,VE21
x-vcl-time-ms: 21
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.08125
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
324 B 19ms
18ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: 0V1dZEqeO840tiyaXXVaQwsxC4BdtWXLgGKn1ZkwvGBE-fMNT6UbkQ==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
324 B 37ms
18ms XHR
application/json 3.160.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-117.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: qopIeEIGGmJXZTRhR0Dw8AFQKOZHKBstpG1WGzBGKIvnHPjJshbpsQ==
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H3 200 prebid.js Show response
tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/ 411 KB
143 KB 33ms
25ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e38954a3882d6c3b96e4c9e361ecac23188952295495ea98f1079a207122ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"7f03e81044132f35fcf15767854a1371"
age: 146963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gg%2B43S1SioVDtM%2FLas0BjsWn%2BzIoqkP13%2F6EZUcfdC%2FbEbGVriCwm9Gl5GFpvvaMKYMjfEmY84Uq6Fb7f2CFgDZtED%2FvDMDxT07xN1pgjmlz1iVght%2FUmLPrw651ayL%2BOTRDctWv53w%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12627&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5754&recv_bytes=4739&delivery_rate=119303&cwnd=12000&unsent_bytes=0&cid=39b229f65815550a&ts=661&x=1", cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 23:20:48 GMT
vary: Accept-Encoding
x-amz-id-2: vfCSL5OFVu/oYnjcCqfFagdLnQ4XWqe04ZRafP7v6exCl0tHRpf9OJW6hvPasNOFBKMHd+zgxHza4C5AN/UvSMtztqyt+dws
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1DBPN3FVYKDZSPXE
cf-ray: 8e3428337d51d0b5-AMS
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/1030473612/ 42 B
64 B 30ms
30ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030473612/?random=1731725253241&cv=11&fst=1731722400000&bg=ffffff&guid=ON&async=1&gtm=45Pe4bc0v9170589776za200zb9132039829&gcd=13l3l3l3l5l1&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Coloring%20Pages%20-%20%2B%209.000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print&did=dZTNiMT&gdid=dZTNiMT&npa=0&us_privacy=error&pscdl=noapi&auid=2070183189.1731725253&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dvIHA6YdtddYF0C6wq2voidDFvQmZKw&random=2269160996&rmt_tld=0&ipr=y

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 16 Nov 2024 02:47:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 61ms
21ms Script
application/javascript 104.18.23.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age: 0
cf-ray: 8e342833cae40ba6-AMS
content-length: 3
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 01 Jan 2018 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 61 KB
20 KB 65ms
38ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd43d3bd3b997bc217284091f0a3c3277390dd116138876b260a27d650b4dfd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"268cc3ad526fe25c037551e2fef090a1"
Age: 56382
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Xy5i4JPPQ3wTLu%2BIZGZOeMo60D5J7dyGXjr8OAtqmo6fhUslGL%2Blnn2KASvz9K6dYsk7aINB7%2BvQiGi%2BgxYIuz4pQ8AVZkA%2FkW%2Fqk98vtgn%2F1hjHeH1rJ6bhi1oBpWz"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=11727&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3461&recv_bytes=2356&delivery_rate=351762&cwnd=252&unsent_bytes=0&cid=62a1d1f7568448d5&ts=40&x=0"
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Nov 2024 09:54:54 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8e342833a82006c6-AMS
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H3 200 AGSKWxWMfFq1rpwPVWb2oH2rdKlI0hh2z0PvAtlMRW0pJhKfBNpsnkPYz-i36UauaxVU5n7htV15Z_rHcIrs61hVeE963IZQlQql27w1AgUCZ10SeJ10FCUhnifzhidjX-Chu2lXofK4VA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 46ms
45ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWMfFq1rpwPVWb2oH2rdKlI0hh2z0PvAtlMRW0pJhKfBNpsnkPYz-i36UauaxVU5n7htV15Z_rHcIrs61hVeE963IZQlQql27w1AgUCZ10SeJ10FCUhnifzhidjX-Chu2lXofK4VA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNzI1MjUzLDY3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvIixudWxsLFtbOCwiZXN5djQ1TTZidDAiXSxbOSwibmwiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMy6TrTtxITM2L_MGmeX4SFpLFJKzg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

1074eddbd49df21926fc2b87285335041c39fdf46fd79af8c91fb8b4864d9328

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lca4wb9h-AAUz-7BDPdqcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jvY_2MkmcOLohUtMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYmegaG8QUGAJbAQGQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lca4wb9h-AAUz-7BDPdqcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 200 fire.js Show response
s.cpx.to/ 0
190 B 98ms
30ms Fetch 34.242.55.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12769&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&hn_ver=87&fid=ea91015f-8c78-4478-a505-5edb1fcb0c3a
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12769/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.55.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-55-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-credentials: true
expires: Sat, 16 Nov 2024 02:47:33 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
p3p: CP="NOI DEV ADM"
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin
x-discarded: true

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 2988 0
0 55ms
18ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:15:21 GMT
expires: Sat, 16 Nov 2024 03:05:21 GMT
last-modified: Mon, 11 Nov 2024 20:42:41 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 52ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 2070348
x-goog-stored-content-encoding: gzip
expires: Thu, 23 Oct 2025 03:41:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 23 Oct 2024 03:41:45 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY2V7DgLQ7aCDW60112JQAkL44Xku91XRnTFjKc60tFYLz4enYvJw0KxtoBH7xxdXWhQD-I
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 51ms
16ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Sun, 17 Nov 2024 02:47:33 GMT
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 71ms
20ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 11019
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0X_RtCtCm2jMoe_-ZxaCsM-N7mCd0MHLEX7hnPbNr6QoHujWDwICvg==
date: Fri, 15 Nov 2024 23:43:55 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 85ms
24ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: db0310a918195f287730df8fb9ac887b

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 62ms
25ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-amz-id-2: l9eDPJx5rITTQrHXqKb+Tjjd0PdVxY4yMXAZ8HUMej2C/CRbhr860H3fJWG+J8Y9Q63WyLhmH1rKYysr+rfSqBgpQjNOOa5ZPOcQAx3Vmxc=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 858
x-amz-request-id: DEWQFGDX8FPR66KW
cf-ray: 8e34283429e09fd6-AMS
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 78ms
19ms Script
text/javascript 99.86.3.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-54.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 6967
Connection: keep-alive
Via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: YwdIUhScDX0Iw2yYCv8sNNB41HfPRALyUrkX-OvJDTfgp3Wua2Ud5w==
Date: Sat, 16 Nov 2024 01:56:30 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
x-amz-server-side-encryption: AES256

GET
H3 200 AGSKWxXvPBdtR-eNJJP2kiwvU43iaE71tKhcjiWJRQesJXUhDdxIgw8W9artXY095ztl2CrTbfsvNj_8AojdgR1HfzRtQj9q-H95TPrlm6gZwuH6gKnD6rJQP7pXOjgFEseF5a-Il1jkpg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 45ms
44ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvPBdtR-eNJJP2kiwvU43iaE71tKhcjiWJRQesJXUhDdxIgw8W9artXY095ztl2CrTbfsvNj_8AojdgR1HfzRtQj9q-H95TPrlm6gZwuH6gKnD6rJQP7pXOjgFEseF5a-Il1jkpg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNzI1MjUzLDc1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInB0LVBUIl0sImh0dHBzOi8vdXMuZGVzZW5ob3ByYWNvbG9yaXIuY29tLmJyLyIsbnVsbCxbWzgsImVzeXY0NU02YnQwIl0sWzksIm5sIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

edb7d3d2ddbb1c891b3b8a41d16bcea188a50b81e3519120d15c3dd6cae595be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hbp3M8LVhGlu5k4DKLF-Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4pnnL7MuBOIiiSusDUB8u-kK62MgZvh6hZUDiIV4OI72P9jJJjDh79xvTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoaGJnoGhvEFBgAbNkTd"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hbp3M8LVhGlu5k4DKLF-Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 36ms
12ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&domain=us.desenhopracolorir.com.br&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 16 Nov 2024 02:47:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 153138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
258 B 136ms
103ms Fetch
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.16.0&coppa=0
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json
vary: origin

GET
H2 200 json Show response
gum.criteo.com/sid/ 378 B
995 B 14ms
13ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&domain=us.desenhopracolorir.com.br&cw=1&lsw=1&gdpr=0

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fac80ac162de4d9a13996f2ad55ae6b2e21287010a247e6c7d9dd1857a83331e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 455216
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
486 B 28ms
27ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

5d41fc89d8e639f9f494b47f95f5b15a9c702a2c540bfea6676552f0fc837816

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id Show response
id.crwdcntrl.net/ 152 B
909 B 126ms
44ms Fetch
application/json 54.194.120.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false&c=17553
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.120.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-120-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 540d02fea266dd50f591551a0eef3b23b95e7eb55d4d20504c43476a1c96459d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 152
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.6.200
server: Jetty(9.4.38.v20210224)

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 61 KB
828 B 22ms
22ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd43d3bd3b997bc217284091f0a3c3277390dd116138876b260a27d650b4dfd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"268cc3ad526fe25c037551e2fef090a1"
Age: 58888
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FSClJaLSUlQo0F4LtjO7BRiVR61HsIZyudyIfJtNGJa%2BMzy526GagywsX4qrG5Ww7S21R3wPuLVvCNtdSYDd9xFrf04rZQMDoDxSHnkE003BpMiWKuIkAT1yQfSgqlZ"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=11695&sent=10&recv=14&lost=0&retrans=0&sent_bytes=5475&recv_bytes=2762&delivery_rate=470887&cwnd=256&unsent_bytes=0&cid=a9a72963a5c87b9a&ts=301&x=0"
Date: Sat, 16 Nov 2024 02:47:33 GMT
Last-Modified: Fri, 15 Nov 2024 09:54:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 8e3428347d8541ae-AMS
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/ Frame 578D 0
0 19ms
18ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 37772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 16:18:01 GMT
etag: 4475648825157136472
expires: Fri, 29 Nov 2024 16:18:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7B1A 0
0 86ms
85ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1124155844706179&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1731722081&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aifgd=1&aipaq=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731725253087&bpp=3&bdt=281&idt=209&shv=r20241112&mjsv=m202411130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4405009457956&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343681%2C95344187%2C31088923%2C95335247%2C95345966&oid=2&pvsid=2456334195064758&tmod=1741038533&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=775

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 976
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:33 GMT
expires: Sat, 16 Nov 2024 02:47:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp&cc=1

85 B
194 B

116ms
115ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp&cc=1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 06c39e640d97c0a72c193e3feafcb353f92abd0fc367754175e7f258103df577

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

etag: W/"55-YWsxLO7qeurmf2HGQKTBRwAvRJk"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 16 Nov 2024 02:47:33 GMT
x-powered-by: Express
vary: Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame 8F78 0
0 47ms
13ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=us.desenhopracolorir.com.br&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 679324
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
243 B 80ms
27ms XHR
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 856 B
393 B 253ms
252ms Fetch
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2456334195064758&correlator=1311094976559410&eid=95344999&output=ldjh&gdfp_req=1&vrg=202411120102&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=121764058%3A14966463%2Cdesenhopracolorir.com.br%2Cdesenhopracolorir.com.br_o3b_display_adi_o3b_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=750x300%7C750x200%7C750x100%7C728x90%7C970x90%7C970x250%7C970x300%7C1200x300%7C468x60%7C640x480%7C700x300%7C700x200%7C700x100&ifi=2&didk=348168553&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1731725253907&lmt=1731722081&adxs=425&adys=225&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&vis=1&psz=0x0&msz=750x0&fws=640&ohw=0&td=1&egid=46388&tan=0cdea4da-013c-44ff-8516-5830d05981b5&tdf=2&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDJjZTIyZDllLTdhZTctNDhkMi1iMzQzLWIxMWIwMTkxMTVlZVgBEhwKDWNyd2RjbnRybC5uZXQY57j5lrMySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOe4-ZazMkgAUgIIZBIZCgp1aWRhcGkuY29tGOe4-ZazMkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y57j5lrMySABSAghkEhQKBW9wZW54GOa4-ZazMkgAUgIIZBIXCghydGJob3VzZRiAuvmWszJIAFICCGo.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731725252806&idt=897&prev_scp=hb_bidder%3Dappnexus%26hb_adid%3D11c7874fbcd1bb2%26hb_pb%3D0.34&adks=1149649535&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e59e428663d7e4e4fa52026631b038ec0cd2ffb34846e9a1ed3418b8dcb4a4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 361
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 605D 0
0 106ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:34 GMT
expires: Sat, 16 Nov 2024 02:47:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 904 B
734 B 81ms
25ms Fetch
application/json 51.158.29.13
AS12876 SCALEWAY ...

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.158.29.13 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Cache-Control: private, max-age=60
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://us.desenhopracolorir.com.br
Date: Sat, 16 Nov 2024 02:47:33 GMT
Content-Type: application/json; charset=utf-8
Server: nginx/1.20.2
Access-Control-Allow-Headers: content-type

POST
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 904 B
734 B 76ms
25ms Fetch
application/json 51.158.29.13
AS12876 SCALEWAY ...

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.158.29.13 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Cache-Control: private, max-age=60
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://us.desenhopracolorir.com.br
Date: Sat, 16 Nov 2024 02:47:34 GMT
Content-Type: application/json; charset=utf-8
Server: nginx/1.20.2
Access-Control-Allow-Headers: content-type

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
620 B 50ms
40ms XHR
application/json 54.194.120.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.120.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-120-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: aa8d9d0611ffdb0ef97c8406d1e76ea1bd26d23ef374a0b83b37db762a77a0fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.24.121
server: Jetty(9.4.38.v20210224)

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
299 B 90ms
27ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

07a4a4bc0285ac7d52eba2197f763fde7c14c478c5369da1f489b0d09f3c72fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 204 web-vitals
intake.pbstck.com/v1/intake/ 0
41 B 50ms
41ms Ping
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/web-vitals?fcp=804.100&tId=d04800bd-6691-49f2-bfda-0362acfc7af1&v=none&s=none&c=1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e3428354ce40e70-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:33 GMT
server: cloudflare

GET
H3 200 ca-pub-1124155844706179 Show response
fundingchoicesmessages.google.com/i/ 195 KB
63 KB 47ms
47ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1124155844706179?href=https%3A%2F%2Fus.desenhopracolorir.com.br&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

94f19bf6572165a0a9ca7d01eee7587be5c80146c0358a498334ee3bf193b43e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CbVsKATWG4LT1pB4Y41Svg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jvY_2MkmcGPappvMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYmegaG8QUGAIc_QCU"
content-security-policy: script-src 'report-sample' 'nonce-CbVsKATWG4LT1pB4Y41Svg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 200 auction Show response
bid.sparteo.com/ 70 B
291 B 87ms
42ms Fetch
application/json 104.18.31.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.sparteo.com/auction
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd9677032b50272c7d0256d2bfffc266960424ea37b2018e08409b63595ffcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8e342835fe0d06c4-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 479 B
658 B 140ms
81ms Fetch
application/json 18.156.199.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.199.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-199-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3f1d61a3fa9939e5df260d43c411893e3b5332f77e881a006382a3a4272eac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-encoding: gzip
content-length: 284
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
340 B 85ms
42ms Fetch 104.22.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-ray: 8e342835f9440a47-AMS
expires: -1
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2a156/1/us.desenhopracolorir.com.br/ROS?rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&...
https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&n...

559 B
1 KB

16ms
16ms

Fetch
application/json

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 27a421e970d60f97ebb773d2b712945167884d4a9a6277f4df9e6fba29a5fb93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, no-cache
accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials: true
expires: Sat, 16 Nov 2024 02:47:34 GMT
x-sid: AMS-937
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 559
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
server: openresty

Redirect headers

location: /hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26711%3A300x250%2C300x168&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e
access-control-allow-credentials: true
x-sid: AMS-937
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=iso-8859-1
server: openresty

POST
H2 204 66547cd57f283cb2a1de06c7 Show response
exchange.kueezrtb.com/prebid/multi/ 0
1 KB 788ms
570ms Fetch 198.199.71.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/66547cd57f283cb2a1de06c7
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.199.71.70 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Sat, 16 Nov 2024 02:47:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 pb Show response
ad.360yield.com/1602/ 3 KB
2 KB 160ms
68ms Fetch
application/json 54.76.15.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1602/pb
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.15.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-15-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 15742d91582a251489797ddc2fcea94e340b96ebe06483c5d6f90560b6277220

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
content-encoding: gzip
content-length: 2019
date: Sat, 16 Nov 2024 02:47:34 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
40 B 16ms
15ms Fetch 163.5.194.37
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
x-envoy-upstream-service-time: 0
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
233 B 62ms
15ms Fetch 178.250.1.4
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.16.0&cb=93710748397&lsavail=1&bundle=9fxEmV9QS09Lc2dBMXVVVEpVU0M0b1htdzg0ZG55ejhrUFBTcSUyQjlDWUpWTWF5dkRzSmZHVXQ4WVJEWFJpdU1hSWNBNVkwdGc2c2dSQk1sT3F6SWNZRnBwZFBqYmJGQVp4ZnJvU09nUUFwa1VDaDZyQ3RIJTJGSzVJenBnWVM4Y2Rzc0FiTGh1YnYyMkNDbmpLVnlQNGx2d2pBRjg4UXlielZzNmN4dHRPdzhaZ3R4cW1JJTNE

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin
server: Kestrel

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1016 B 77ms
36ms Fetch
application/json 172.64.153.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab50a02b3fc9b3bb324095d6424604e78dcd80ccac6a0ac4e78fc014dacc39e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-version: 3.0.0-gcp-ams
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-err: Calling bidders. no bid responses
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8e342835fcde1c80-AMS
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
206 B 348ms
105ms Fetch 64.74.236.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h.zemanta.com/api/bidder/prebid/bid/

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.74.236.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 492 B
1023 B 120ms
67ms Fetch
application/json 69.173.156.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39538&zone_id=1078304&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,115390,1,,,&eid_pubcid.org=3640a9fe-aaa1-4233-884d-6faaeb812e4e%5E1&rf=https%3A%2F%2Fdesenhopracolorir.com.br&kw=123585&tg_i.domain=us.desenhopracolorir.com.br&tg_i.page=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&tg_i.name=desenhopracolorir.com.br&tg_i.pagetype=article&tg_i.category=familyandparenting&tg_i.siteid=123585&tg_i.placement=19&tg_i.divId=sas_26711&tg_i.pbadslot=sas_26711&tk_flint=pbjs_lite_v9.16.0&x_source.tid=92f37c90-57ad-4d96-ae26-d4fbb8c30784&l_pb_bid_id=24b17a67c42c20d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=c6b7bfbc-e1ed-4b43-bfe0-4a5a51ba3f23&rp_maxbids=1&p_gpid=%2F123585%2Fdesenhopracolorir.com.br%2Fdesktop%2F26711&m_ch_mobile=%3F0&slots=1&rand=0.7637959664729532
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 36f333abdf93dad492e0f06e970c3e0a581c28d4f9aa04c11e13fa4d94dbbf6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 492
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
301 B 57ms
18ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 27caf50d7ac8b8bb05270836fe93a814e0ca141fc57d77c58b33f5d2a92a60ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-forwarded-for: 176.67.81.30
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/plain
vary: Origin

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 216 B
241 B 51ms
23ms Fetch
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=123585&adid=19&formatid=26711&size=desktop
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: eb7b3428730302896944fa44348bd248de8eb53f01838e4b4f11b31a30cbc2e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 55006
cf-ray: 8e342835feef1c82-AMS
apigw-requestid: BRccRh81DoEEP0w=
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:23:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
1 KB 179ms
131ms Fetch
application/json 3.124.64.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&tmax=3000&gdpr=false

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 81ms
20ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=123585&formatId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 2457
via: 1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront), 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: d6ojzjMdd2rK_I-yvLd1BgJWjtQSzWVuqFzClr9E1iV_EXoq1gC2uA==
date: Sat, 16 Nov 2024 02:06:37 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA56-P6
x-amz-server-side-encryption: AES256

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 56ms
33ms Fetch
application/json 172.64.153.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92270a103910feb4bb869c257b300435aa0328e2ba51236446c124d685cd3e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-version: 3.0.0-gcp-ams
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-err: Calling bidders. no bid responses
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8e342835fcdf1c80-AMS
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
206 B 332ms
106ms Fetch 64.74.236.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h.zemanta.com/api/bidder/prebid/bid/

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.74.236.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
1 KB 118ms
81ms Fetch
application/json 3.124.64.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.16.0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&tmax=3000&gdpr=false

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
x-auction-status: 29
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H2 200 66547d009930c01a06022d69 Show response
exchange.kueezrtb.com/prebid/multi/ 46 KB
24 KB 676ms
483ms Fetch
application/json 198.199.71.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/66547d009930c01a06022d69
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.199.71.70 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 8cb1c0081c560e811765bac08902828ffbf1badcfd210a95bedf6bcf9d5fd7a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 23184
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 216 B
398 B 36ms
21ms Fetch
text/html 104.22.62.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=123585&adid=3&formatid=26323&size=desktop
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 986bc5a8c49a630ef1ebe2e6241be227aeb7bdc2d88ca6ec3465afa44824f3b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

server: cloudflare
cache-control: max-age=259200
content-encoding: br
cf-cache-status: HIT
age: 55006
cf-ray: 8e342835fef01c82-AMS
apigw-requestid: BRccQjEvDoEEJ8Q=
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 05:23:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 15ms
13ms Fetch 163.5.194.37
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
x-envoy-upstream-service-time: 1
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 511 B
860 B 147ms
110ms Fetch
application/json 69.173.156.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39538&zone_id=1078220&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,115390,1,,,&eid_pubcid.org=3640a9fe-aaa1-4233-884d-6faaeb812e4e%5E1&rf=https%3A%2F%2Fdesenhopracolorir.com.br&kw=123585&tg_i.domain=us.desenhopracolorir.com.br&tg_i.page=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&tg_i.name=desenhopracolorir.com.br&tg_i.pagetype=article&tg_i.category=familyandparenting&tg_i.siteid=123585&tg_i.placement=3&tg_i.divId=sas_26323&tg_i.pbadslot=sas_26323&tk_flint=pbjs_lite_v9.16.0&x_source.tid=88e4eeca-3c1d-4109-bb59-3bf8e13d9709&l_pb_bid_id=4635d6b3aad056a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=9188cf85-eae7-4043-90b0-efea0886784d&rp_maxbids=1&p_gpid=%2F123585%2Fdesenhopracolorir.com.br%2Fdesktop%2F26323&m_ch_mobile=%3F0&slots=1&rand=0.08568417373464987
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 29de0bad732affd5d6a152fae1867154c5e684e76f7a8ee93e33f23e39019091

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 511
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2a156/1/us.desenhopracolorir.com.br/ROS?rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&...
https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&n...

559 B
1 KB

18ms
17ms

Fetch
application/json

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 8950a821c247f5553c9d19215a280aeba5d9bb86fa0a8d78dcf597b8f3047707

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=0, no-cache
accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials: true
expires: Sat, 16 Nov 2024 02:47:34 GMT
x-sid: AMS-937
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 559
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
server: openresty

Redirect headers

location: /hb/1/2a156/1/us.desenhopracolorir.com.br/ROS?ct=1&r=pbjs&rnd=0.22049738716036948&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pbv=9.16.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&gdpr=0&e_criteoId=AHcB-l80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TmFaTHowOTJvUE1WWVQyOXcxZ281WGclM0Q&e_lotamePanoramaId=52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a&e_pubcid=3640a9fe-aaa1-4233-884d-6faaeb812e4e
access-control-allow-credentials: true
x-sid: AMS-937
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=iso-8859-1
server: openresty

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 40ms
18ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b63252dc1d6eb6dd1ec1b461419b1919093d7f69d9074ef7a51f4f243019147d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-forwarded-for: 176.67.81.30
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Sat, 16 Nov 2024 02:47:33 GMT
content-type: text/plain
vary: Origin

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 85ms
74ms Fetch 104.22.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-ray: 8e342835f9460a47-AMS
expires: -1
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 pb Show response
ad.360yield.com/1602/ 0
393 B 195ms
131ms Fetch 54.76.15.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1602/pb
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.15.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-15-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sat, 16 Nov 2024 02:47:34 GMT
access-control-allow-credentials: true

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
234 B 35ms
14ms Fetch 178.250.1.4
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.16.0&cb=63172141203&lsavail=1&bundle=9fxEmV9QS09Lc2dBMXVVVEpVU0M0b1htdzg0ZG55ejhrUFBTcSUyQjlDWUpWTWF5dkRzSmZHVXQ4WVJEWFJpdU1hSWNBNVkwdGc2c2dSQk1sT3F6SWNZRnBwZFBqYmJGQVp4ZnJvU09nUUFwa1VDaDZyQ3RIJTJGSzVJenBnWVM4Y2Rzc0FiTGh1YnYyMkNDbmpLVnlQNGx2d2pBRjg4UXlielZzNmN4dHRPdzhaZ3R4cW1JJTNE

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:33 GMT
vary: Origin
server: Kestrel

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 526 B
745 B 113ms
86ms Fetch
application/json 18.156.199.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.199.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-199-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4d89b0d01962d3ac3be300b053b3b61043f576879ec47e0624679aba06b3f2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-encoding: gzip
content-length: 372
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 auction Show response
bid.sparteo.com/ 70 B
148 B 123ms
113ms Fetch
application/json 104.18.31.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.sparteo.com/auction
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8d19ce76637d8cd9e6eadf9274ffec7771753da2204dbb39a416f8318350b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8e342835fe0f06c4-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 12.json Show response
id5-sync.com/g/v2/ 632 B
1 KB 30ms
28ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

f113cf8f6cfc63c1af1888b868af97a54c76765aeb02f988e0d12e7f88032d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="CAO PSA OUR"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
vary: Origin

GET
H2 200 pixel;r=1834488662;labels=Categories.familyandparenting;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=173172525359...
pixel.quantserve.com/ 43 B
525 B 45ms
20ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1834488662;labels=Categories.familyandparenting;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1731725253596;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.Coloring%20Pages%2Cdescription.%2B%209%252E000%20FREE%20Coloring%20Pages%20to%20Download%20and%20Print%2Curl.https%3A%2F%2Fus%252Edesenhopracolorir%252Ecom%252Ebr%2F%2Csite_name.Coloring%20Pages;ses=f2988357-4c6a-462b-bc8c-35a0efe94283;d=desenhopracolorir.com.br;uht=2;fpan=1;fpa=P0-1540987362-1731725254099;pbc=2ce22d9e-7ae7-48d2-b343-b11b019115ee;gdpr=0;us_privacy=1---;mdl=

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Sat, 16 Nov 2024 02:47:34 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["K0yJISohORXVRPgcQkx0CA=="],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame 5F2B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

0
0

122ms
36ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 02:47:34 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 16 Nov 2024 02:47:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame F090
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

0
0

124ms
124ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 02:47:34 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 16 Nov 2024 02:47:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H2 200 a0dbece0-be46-4355-af6e-eaefdbf5391a Show response
config.aps.amazon-adsystem.com/configs/ 563 B
838 B 70ms
20ms Script
application/javascript 3.160.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/a0dbece0-be46-4355-af6e-eaefdbf5391a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-38.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 509610981376c29dd498582bf2c3ebd432b2212fe1d011a0623955cc3f1bf785

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=3600
age: 2782
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: Y8aF493LmeSisMcj0e7ygKYT1as1DxlkyCqT2fDXOuM5YHqBy6dzcw==
date: Sat, 16 Nov 2024 02:01:12 GMT
content-type: application/javascript
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 22ms
20ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fus.desenhopracolorir.com.br&pubid=a0dbece0-be46-4355-af6e-eaefdbf5391a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 44262dcb1808a0e5e0d3534a1f0a9ee69d367876ed42f4e4b03da809225b90c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 1265
access-control-allow-credentials: true
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
access-control-allow-origin: https://us.desenhopracolorir.com.br
x-cache: Hit from cloudfront
content-length: 3097
x-amz-cf-id: YuYjE6Jr5eDkvM04weOlfmxWM6h19PGQ17GPxDPb77ZMSyibDTFI5g==
date: Sat, 16 Nov 2024 02:26:29 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 148 B
486 B 279ms
202ms XHR
text/javascript 108.138.8.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&pid=bsyhMy5rwURT1&cb=0&ws=1600x1200&v=24.1105.2150&t=2000&slots=%5B%7B%22sd%22%3A%22sas_26300%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x168%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26300%22%7D%2C%7B%22sd%22%3A%22sas_26711%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x168%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26711%22%7D%2C%7B%22sd%22%3A%22sas_26323%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26323%22%7D%2C%7B%22sd%22%3A%22sas_26328%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%2C%22970x90%22%2C%221000x90%22%2C%221000x30%22%2C%22990x90%22%2C%22950x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26328%22%7D%2C%7B%22sd%22%3A%22sas_26322%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22300x100%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26322%22%7D%2C%7B%22sd%22%3A%22sas_39287%22%2C%22s%22%3A%5B%22970x250%22%2C%221000x30%22%2C%221000x90%22%2C%22800x250%22%2C%22950x250%22%2C%22900x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_39287%22%7D%2C%7B%22sd%22%3A%22sas_30012%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22300x100%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_30012%22%7D%2C%7B%22sd%22%3A%22sas_26706%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%221097%2F651756%2F1967889%2Fsas_26706%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=88b8214f-2190-4e4e-a5a8-d50b90f1e845&pubid=a0dbece0-be46-4355-af6e-eaefdbf5391a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.8.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-8-164.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 4b5f3353b939f33fe6253326e0d4e1ab8067e2d1ccb762ff314cb544f35b8631

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
access-control-allow-origin: https://us.desenhopracolorir.com.br
x-cache: Miss from cloudfront
content-length: 144
x-amz-cf-id: weE6Vkq3e1DnptPIeJqWbFHneKHU0jSPbdyPezQ1kpvhpQaM21bwjw==
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
21ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 65707
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: tHT4WmWUDQG9oflF6KFy3bu_jkaopMw0O2_YfTQgZlDL3ke4yReeaw==
date: Fri, 15 Nov 2024 08:32:28 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 99D7 0
0 64ms
18ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 16 Nov 2024 02:47:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 125ms
37ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Sat, 16 Nov 2024 03:02:34 GMT
accept-ranges: bytes
content-length: 17407
date: Sat, 16 Nov 2024 02:47:34 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 22ms
21ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 84151
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: OXomexKZEQ5Z24HB0ESPFyy0lsSGjHVVsc15rrQUxlZKNxCDLVMeRw==
date: Fri, 15 Nov 2024 05:56:00 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 75ms
26ms Script
application/javascript 104.18.28.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7171-403e"
age: 10698
cf-ray: 8e3428371cec6693-AMS
expires: Tue, 19 Nov 2024 02:47:34 GMT
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 64ms
26ms Script
text/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&ref=&_it=amazon&partner_id=796
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 1549
x-amz-request-id: THYQ7PDVX2TEBZGV
cf-ray: 8e3428370a061c90-AMS
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/javascript
last-modified: Fri, 15 Nov 2024 18:21:40 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: vlzlKowFCxlyJf9oQ5E+X5xESX/8om1RuNE9HW31J9ZxJ68nKiYq3DX+oAWTlovUrR7jAmsFEqs=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
29 KB 22ms
22ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-amz-id-2: Lddv6AhZHNn6Kb6ePY32qIh6vlD3XJ6uiOJDGI8Hxz/jC6jbuOhkqy18cjRLGsFEOK0sPmp4Iug=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"14cd899b51c2c37c71fbf5e1ae6fe38b"
age: 1415
x-amz-request-id: ZCMKH8G8CX36W7K2
cf-ray: 8e342836cb739fd6-AMS
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 142 B
304 B 97ms
97ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=796&sync=0&domain=us.desenhopracolorir.com.br&url=https://us.desenhopracolorir.com.br/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&ref=&_it=amazon&partner_id=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d285fa4847f78f9986d602be8fd08276e03318da733087c984235c47260b0d6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8e3428382f1465fe-AMS
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 146ms
102ms Preflight
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=796&sync=0&domain=us.desenhopracolorir.com.br&url=https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8e3428377eb965fe-AMS
content-length: 0
content-type: application/json
date: Sat, 16 Nov 2024 02:47:34 GMT
debug: OPTIONS block
expires: Sun, 16 Nov 2025 02:47:34 GMT
server: cloudflare

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
101 B 104ms
103ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&src=aps&ver=1.14.0&us_privacy=1---
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://us.desenhopracolorir.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
vary: origin

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 57ms
17ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=1&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=317ef1c0-58be-4941-9bc8-78f189cfa7e7&adu_code=26711&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=19&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
316 B 54ms
17ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=1&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=375b0510-06b9-4181-aff8-758ee1777a29&adu_code=26323&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x250%2C300x600&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=3&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 64ms
36ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

9e328d990cde840b91432a433655ad836b2964d02da804ee0027f6ea15d39357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12890
date: Sat, 16 Nov 2024 02:47:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 204 rum Show response
us.desenhopracolorir.com.br/cdn-cgi/ 0
149 B 18ms
17ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.desenhopracolorir.com.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e3428383d5e1c77-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H2 204 web-vitals
intake.pbstck.com/v1/intake/ 0
56 B 43ms
41ms Ping
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/web-vitals?ttfb=593.800&tId=d04800bd-6691-49f2-bfda-0362acfc7af1&v=none&s=none&c=1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e3428384f3a0e70-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
server: cloudflare

GET
H3 200 cropped-logo-1-32x32.jpeg
us.desenhopracolorir.com.br/wp-content/uploads/2023/11/ 2 KB
3 KB 22ms
21ms Other
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.desenhopracolorir.com.br/wp-content/uploads/2023/11/cropped-logo-1-32x32.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14b1ab75909c4de6bce90fc601a490f5e7f0ca288f808a41fac7cf4ebabfdeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-cache-status: HIT
age: 5434507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nvbfnz4cClp9obXynDLPqaeMaEjzwMDcV%2B5dItirYGixK7DhinnHYkw%2B2q1M0RHucJdha7MWQs0rZ8mNCVGTZ6FvekIY0Kd6RQjuIl8rD1DRNgK6lyWblQsolhEi2fqqIXlgshC8r27a5e%2FhvBo%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 18:01:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12303&sent=222&recv=106&lost=0&retrans=0&sent_bytes=218166&recv_bytes=36196&delivery_rate=44345&cwnd=66000&unsent_bytes=0&cid=a884448120ec1f81&ts=1604&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/jpeg
last-modified: Thu, 09 Nov 2023 17:58:59 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e3428384d5f1c77-AMS
accept-ranges: bytes
content-length: 2375
server: cloudflare

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame DD23
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain&dcc=t

0
0

189ms
188ms

Document
text/html

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 318
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 16 Nov 2024 02:47:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 799XS2F7YW1DW3J2HHGF

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 16 Nov 2024 02:47:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_rbd_ppt_n-acuityads_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PZKZVDM4GRCH92K72078

GET
H/1.1 200
OK 33f7262c16257d07283c8de5f298cf9a.gif
moderate9-v4.cleantalk.org/pixel/ 43 B
256 B 308ms
99ms Image
image/gif 51.81.55.251
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moderate9-v4.cleantalk.org/pixel/33f7262c16257d07283c8de5f298cf9a.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.55.251 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: moderate9.cleantalk.org
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

X-Server-IP: 51.81.55.251
Content-Length: 43
Date: Sat, 16 Nov 2024 02:47:34 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 82ms
32ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411130101/show_ads_impl_fy2021.js?bust=31088923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:47:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 _ Show response
fundingchoicesmessages.google.com/f/AGSKWxVyiaSAePVZS2U2JAasoL8V9Bcy3QoySIwombq8DpEfbzWuYiQN3dECQz89X-8D_iFhiBjpissTYA3tg5qJZJ5dhyTZ84WYNpQbkgatF-aYynQNYSwuIIOxuFT9iWHE5s7w9d0LSupR4wuaUhGQn7Zup-MIx... 54 B
109 B 35ms
35ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVyiaSAePVZS2U2JAasoL8V9Bcy3QoySIwombq8DpEfbzWuYiQN3dECQz89X-8D_iFhiBjpissTYA3tg5qJZJ5dhyTZ84WYNpQbkgatF-aYynQNYSwuIIOxuFT9iWHE5s7w9d0LSupR4wuaUhGQn7Zup-MIx4399V1Sjg56QjUfLLdW8dVc1Ypjj9L4/_?dfpadname=/adFooterBG./adsegmentation./bottomad./ads_premium.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.esyv45M6bt0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz_TBkGKlFj_6i9GlseNAmwtt-iuA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

aad2cb210735c68bd0935295777f0146f417bd089be75d9ac37fd467f3b6098d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-23YUHy7LTro6mM98lJtWjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jvU_2MkmsKD1_k9GJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MTPQPD-AIDAIOJQCI"
content-security-policy: script-src 'report-sample' 'nonce-23YUHy7LTro6mM98lJtWjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 20ms
20ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 39907
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 15:42:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 15 Nov 2024 15:42:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
29ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sk2KPWAv8mpiva2oxB3I5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5vAjM1zfjAquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MTPQPT-AIDAD5JKPk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sk2KPWAv8mpiva2oxB3I5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 796 Show response
a.ad.gt/api/v1/u/matches/ 8 KB
4 KB 86ms
40ms Script
application/javascript 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/796?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&ref=&_it=amazon&partner_id=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660de9ff36492eac770bb95d16726a7ca0764bd93bbee421c097b21d6cf73735

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 289
cross-origin-resource-policy: cross-origin
cf-ray: 8e3428390b196715-AMS
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 02:40:55 GMT
vary: Accept-Encoding
server: cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jJ-eT4M6bKFk0fbdyOCDeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5vAhR_b2piUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhoaGJnoFpfIEBAE40KSg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jJ-eT4M6bKFk0fbdyOCDeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P1KizPt3FCqi4_U23E5iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5tAx6HjnUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQ0NBEz8A0vsAAACihKK8"
content-security-policy: script-src 'report-sample' 'nonce-P1KizPt3FCqi4_U23E5iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hq-IxrQ-PLyVmYDAZxzFKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5vAhJbNvUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTQ0NBEz8A0vsAAABqZKHc"
content-security-policy: script-src 'report-sample' 'nonce-hq-IxrQ-PLyVmYDAZxzFKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXvoD-zkDtcnNDg93YfXsBoQEER3uUcf9DzmJiOXZk06c5WtdMnAS1l8fG1huylzyM1qERgb2PIskjMDduVIj_KfmqbleUdSXbo4mDI-X2xbsoSHs1dEGPYBr_wKFE7T9aBqSu98w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 42ms
42ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvoD-zkDtcnNDg93YfXsBoQEER3uUcf9DzmJiOXZk06c5WtdMnAS1l8fG1huylzyM1qERgb2PIskjMDduVIj_KfmqbleUdSXbo4mDI-X2xbsoSHs1dEGPYBr_wKFE7T9aBqSu98w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNzI1MjU0LDU0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvIixudWxsLFtbOCwiZXN5djQ1TTZidDAiXSxbOSwibmwiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsxOCwiW1tbMF1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

9311180b7ea247256e57001cb7eb0ff54a9f203c6018e36087cd6ffb59f888d2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-n8eaj3qriIUE9ucBT5sRmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4jvU_2Mkm8OPalH4mJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MTPQPD-AIDAIpTQCM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-n8eaj3qriIUE9ucBT5sRmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUXVbXeJxD5EiDP5f5G2PLAW9ewSld0k5_wj8Dd1Qnzdl8MaDSQTFbVwehyy6m32FsaPsQKT57AjcYT1EqGZ3bea6-U8Bwn5XXUFhdDvFGeKwmwtqJyUk4mHCjqYtbzC4Ej7uKiTA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXVbXeJxD5EiDP5f5G2PLAW9ewSld0k5_wj8Dd1Qnzdl8MaDSQTFbVwehyy6m32FsaPsQKT57AjcYT1EqGZ3bea6-U8Bwn5XXUFhdDvFGeKwmwtqJyUk4mHCjqYtbzC4Ej7uKiTA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uI9RIej9fnyirL5nqpaGQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5vAjxdXFzIpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MTPQPT-AIDAGVLKXk"
content-security-policy: script-src 'report-sample' 'nonce-uI9RIej9fnyirL5nqpaGQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWRG-GCJPjSGrUmC5AYKkHt_LJZnPLek2NrUN7y2nj6vqpCwz-lhr-0KQ-FnPjx6SHbzSfrkeseksAzMrjnOPp-5XpAyuMsB7nwAsxZxe97i-VdcBoMahCfZFzhmtSdcDNEaJcXRQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-N01QEN0weHv5v4TgsGgKlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE41v9gJ5vAgTuHtjApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MTPQPT-AIDAE3YKS0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-N01QEN0weHv5v4TgsGgKlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://us.desenhopracolorir.com.br
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 5DEA 0
0 57ms
18ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:43:27 GMT
expires: Sat, 16 Nov 2024 03:33:27 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6579 0
0 71ms
31ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-np5gNkAbhJf31cvqLNoyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-np5gNkAbhJf31cvqLNoyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:34 GMT
expires: Sat, 16 Nov 2024 02:47:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 796 Show response
p.ad.gt/api/v1/p/ 40 KB
14 KB 71ms
24ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/796
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/796?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594fccc2d7fb74c0ff01414fb565ffdbbbaa8203e43c3e7a568e05c9a8927429

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 146
cf-ray: 8e342839ccf60a7b-AMS
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 02:40:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
170 B 246ms
196ms Image
image/gif 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&halo_id=060ixe8ju6a659ajb9k76kdfh7ajekg7bi9uom4wi0e0y6ewg6y20ykos2ewmyq2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342839cf551c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 ip_match
ids4.ad.gt/api/v1/ 0
193 B 525ms
172ms Image
text/html 35.82.75.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.75.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-75-134.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-length: 0
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=$UID&gdpr=0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=219247319205787899&gdpr=0

43 B
94 B

197ms
197ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=219247319205787899&gdpr=0
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342839cf571c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&adnxs_id=219247319205787899&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: c519dc1e-d6a9-4716-9b7c-a3010d6158d9
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:34 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
295 B 97ms
63ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001731725255-YQNUXSKF-F16K%26auid%3DAU1D-0100-001731725255-YQNUXSKF-F16K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private, max-age=0, no-cache
content-encoding: gzip
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 56
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 88ms
19ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001731725255-YQNUXSKF-F16K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2

200

rub_match
ids.ad.gt/api/v1/
Redirect Chain

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001731725255-YQNUXSKF-F16K&gdpr=0
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&rub=M3JKI5SH-D-8OF1&gdpr=0

43 B
95 B

184ms
184ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&rub=M3JKI5SH-D-8OF1&gdpr=0
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342839ff6f1c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
Location: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&rub=M3JKI5SH-D-8OF1&gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Pragma: no-cache
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 31ms
28ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001731725255-YQNUXSKF-F16K&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-length: 70
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: Kestrel

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001731725255-YQNUXSKF-F16K&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001731725255...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001731725255-YQNUXSKF-F16K&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001731...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&tapad_id=885eeafb-df5d-41ac-9e27-427e45d6c75e

43 B
95 B

193ms
193ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&tapad_id=885eeafb-df5d-41ac-9e27-427e45d6c75e
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342839ff711c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&tapad_id=885eeafb-df5d-41ac-9e27-427e45d6c75e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Sat, 16 Nov 2024 02:47:34 GMT
server: Jetty(11.0.13)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 73ms
26ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001731725255-YQNUXSKF-F16K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sat, 16 Nov 2024 02:47:34 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001731725255-YQNUXSKF-F16K
https://ids.ad.gt/api/v1/amo_match?turn_id=3284636752864110541&id=AU1D-0100-001731725255-YQNUXSKF-F16K

43 B
118 B

249ms
248ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=3284636752864110541&id=AU1D-0100-001731725255-YQNUXSKF-F16K
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283a6fd91c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ids.ad.gt/api/v1/amo_match?turn_id=3284636752864110541&id=AU1D-0100-001731725255-YQNUXSKF-F16K
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Sat, 16 Nov 2024 02:47:34 GMT

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=90296adb-064e-484c-958f-8b26acccb373&gdpr=0

43 B
95 B

185ms
185ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=90296adb-064e-484c-958f-8b26acccb373&gdpr=0
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283c08d41c78-AMS
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001731725255-YQNUXSKF-F16K&uid=90296adb-064e-484c-958f-8b26acccb373&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sat, 16 Nov 2024 02:47:34 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-143
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001731725255-YQNUXSKF-F16K
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMTcyNTI1NS1ZUU5VWFNLRi1GMTZL

170 B
232 B

50ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMTcyNTI1NS1ZUU5VWFNLRi1GMTZL

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sat, 16 Nov 2024 02:47:34 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-ray: 8e342839ff6e1c78-AMS
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMTcyNTI1NS1ZUU5VWFNLRi1GMTZL
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/html; charset=utf-8
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
95 KB 36ms
36ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/796

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a1292f92246ebb41eca236860c3438576a105276352894ffc4016149020c4c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 02:47:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96951
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
101 B 195ms
194ms XHR
text/plain 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e342839fbec6715-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 237ms
188ms Preflight 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8e34283a4fac9719-AMS
date: Sat, 16 Nov 2024 02:47:34 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 257ms
200ms Script
text/plain 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=b02bf653fc900a630b1f6c377f399725&url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283a6cea0bdc-AMS
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:34 GMT
server: cloudflare

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 2 B
116 B 202ms
200ms XHR
application/json 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: *
cf-cache-status: DYNAMIC
cf-ray: 8e34283b783a9719-AMS
access-control-allow-origin: *
content-length: 2
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: cloudflare

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
245 B 28ms
27ms Fetch
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
298 B 28ms
28ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

6ca96d63988de0f24120559ca6fd43543b198e491de6f2dd3c9a9d17d971dca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 28ms
27ms XHR
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

ff6327a3527d8a63605c7967e0a2339bb09b3902b1864bb05543d097bcc95c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="CAO PSA OUR"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/json
vary: Origin

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://id5-sync.com/i/12/8.gif?o=api&id5id=ID5*zsD_OXjpaHmI2Ss70i50-bi3pyJuyboq-d5rBRtBTo7ZT9iWNs1BkBI4sBVDKE1h&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/2/7/2.gif?puid=219247319205787899&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AAB1RE7OcBAAABbqkF6Nmg&id5AccountNum=155&numCascadesAllowed=9
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

34ms
33ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-length: 70
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: Kestrel

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
p3p: CP="CAO PSA OUR"
date: Sat, 16 Nov 2024 02:47:35 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 genericpost Show response
ww1097.smartadserver.com/ 603 B
582 B 237ms
193ms XHR
application/javascript 5.196.111.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: e8698a042d483af4b78f7b81eb6a2076537496d7cc3b3759960817e48be3ec1a

Request headers

traceparent: 00-771728c96f852fa3bf7c71286b32cc4c-bd7ca0d949455186-00
Save-Data: off
Referer: https://us.desenhopracolorir.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/javascript
tracestate: eqtv-source=smartjs

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin

OPTIONS
H2 204 genericpost
ww1097.smartadserver.com/ Frame 0
0 124ms
20ms Preflight 5.196.111.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data,traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data,traceparent,tracestate
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
vary: Origin

OPTIONS
H2 204 genericpost
ww1097.smartadserver.com/ Frame 0
0 114ms
21ms Preflight 5.196.111.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data,traceparent,tracestate
Access-Control-Request-Method: POST
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data,traceparent,tracestate
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:34 GMT
vary: Origin

POST
H2 200 genericpost Show response
ww1097.smartadserver.com/ 593 B
578 B 259ms
217ms XHR
application/javascript 5.196.111.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: a36c973875384455167daf64b8fc4c5b97eb83ec74bcdf533e4eb5290baa9538

Request headers

traceparent: 00-08125e326f33ab69759987a2c515a026-f6a0a1592a46b09b-00
Save-Data: off
Referer: https://us.desenhopracolorir.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/javascript
tracestate: eqtv-source=smartjs

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 21ms
18ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=2&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=317ef1c0-58be-4941-9bc8-78f189cfa7e7&adu_code=26711&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=19&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0.48994506%2C%2C0%2C%2C%2C%2C%2C%2C%2C&dom_i=936&dom_c=2246&loa_e=2248&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 21ms
19ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=2&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=375b0510-06b9-4181-aff8-758ee1777a29&adu_code=26323&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x250%2C300x600&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=3&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C1%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C0.029404668755000002%2C0%2C%2C%2C%2C%2C%2C%2C&dom_i=936&dom_c=2246&loa_e=2248&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:34 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 server_match
ice.360yield.com/ 43 B
199 B 116ms
31ms Image
image/gif 63.32.172.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26it%3Dadg-pb-clt%26uid%3D%7BPUB_USER_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.32.172.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-172-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif

GET
H2 204 /
onetag-sys.com/usync/ Frame 7F0E 0
0 32ms
28ms Document
text/plain 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 181ms
179ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283e3c2a6642-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:35 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 229ms
190ms Preflight
text/html 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://us.desenhopracolorir.com.br
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8e34283d0b656642-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare
vary: Origin

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 31F2 1 KB
1 KB 106ms
28ms Script
text/javascript 37.157.2.228
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=77142872;rtbwp=XNDBWRqYZG3j9cOdRHPeFISV2OcaNIhalEus3w;rtbdata=4HHZyUutvz4wldpIFtIHbRRSwnYkZac7eYjTtOFC540HIySwpuhXs3VMcvqAsh8tikSyMY6XAlz-qrLWfHGTeSR-ZLI3ep12ML1IqY3uPS-g1zVH0DpK3Oo6XELVSBbZHOnQSNDvs2sIDB105qOSPUxR-4uXSg0svSstDAuRJ3zV3Ezd_4T1nK4QIbiOwUfTju2Xrfyx4IYio5XUF4szG0A5xDL0aR0pluyR1F53LYmBqVgcSavbfFEQqA0NLHUY2Io8g46rQ3wzHSJ7rPQEyJfJ9O5mgyRjeg7mM5pL3dvrohOHwizGqBgzvdXGwNvwZPSVCRcBPzE1

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

a64d2a4a7bdb66bc621e73b98cfd71a5c412dcc5c99e74a28eca64cc58dbd5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 922
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 imp_pixel
euw-ice.360yield.com/ Frame 31F2 43 B
199 B 102ms
29ms Image
image/gif 52.16.63.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw-ice.360yield.com/imp_pixel?ic=.2iBnLuwP4u2bJWX4HLa-w-H9aFta8.i.2tzy9A3IfjL473Hu33ChuvD-qvb-wC53ubMObgzbRyUlqQaS8ai1S6i5dtfitmb3nHD-7tKWLI6FV37hkpSp2FVGOWUfV6JQq5xJERzR1iTnZNnlXVAQEJiOacDU0eHjA.7099QsMoEaohEpWY1lgv-PtKjYF2mte3JPKOU9J-vp-B6kdqpIo2LEQ8hoDOXvztBJvqyT8p4XNYUD7pmISIjAqhCZ4trpTpxi0lSIlC8Z6.UY4MhAH.X2u7qVY.w28Ww6mM3.ILJhm.P8pUd4dbuu20YdRKYpBC1GA0xZzbHF8zeeMdzYFT6msWf3MaeCkJI4qe4guElFNosCqNPtmmM.D.RK4aYqfARvcfkwdjW8GVKH0KwH8JkMgOkom4NOxeaTvmRYER24TRJ1v4m3nPVDyjAhK0-f0ixm0zs1vhaDk0GbN-MPs18aez.ZWt8VFT8chSZn4anQ0DXYeST8quBmRa2WhqGhBdhL2WnVm4RVVNHb2UaAj40zmf6F2wzSYivDqE5msy2ZtLLTcThJwl1BAm4ITk7Xz0.PeSCbgs2afDsC6980rsd.85L1Lgg02qoUI55H9To4fzwK56UvRSsVRPxPQmE4l8isDUWe1VwSQYmSRXj1LY75nKKDXXKGxVuWHikVV6e.EuH9a-dOATewX8QlNNxNwRIgA
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.16.63.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-63-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame EE01 167 KB
61 KB 257ms
26ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7f88879c607670c2f73802780fc2e5a196a9cbfbb10c4b43114be9e13a60bfec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://us.desenhopracolorir.com.br
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-azure-ref: 20241116T024735Z-er1cbdf9ddb6gp57hC1AMSh60c00000000u000000000h9da
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 79341049
x-ms-request-id: 815950f5-401e-00f3-037d-371ce8000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 16 Nov 2024 02:47:35 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 16:58:54 GMT

GET
H2 200 it
fra1-ib.adnxs.com/ Frame EE01 0
966 B 32ms
20ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&e=wqT_3QLwCPBMcAQAAAMA1gAFAQjGj-C5BhDzn6rg4Kzk2l0Yuufd4LLruuEUKjYJGpNxEp9Vpj8RJrK4hL03pT8ZAAAAoEfhDEAhJrK4hL03pT8pGpMJJNgxAAAAwMzM3D8wo9ncDDj6REC1XkjjA1C6iYq2AVj9s1dgAGjRmsUBeNDYBYABAYoBA1VTRJIBAQb0jgGYAawCoAHYBKgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC6dVG6gIkaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvgAMAiAMBkAMAmAMUoAMBqgPHAwrdAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTBjYWRkMzFlLTg5MWQtNDM5Mi05YzI3LTFmZjk4ZGEyYzBmMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGNhZGQzMWUtODkxZC00MzkyLTljMjctMWZmOThkYTJjMGYwJnJlZ2lvbj1lbWVhJnJ0eXBlPW51cmwmdGFnSWQ9MjY2ODQ1NzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmEFGXxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0R8MlQUklDRX0SBTEyMDg1GhM2NzUyNDYzMDgzNzg2NjM3Mjk5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56YzFNVFUzTmprM056UTRNRGtqTWpNeU9UTXhOVE00TkRJek5EUTJPQT09wAPYBMgDANgDkLmGAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE3Ni42Ny44MS4zMKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6QasM-gQSCUHLECDgQkARQe_wTJt0WMCIBQGYBQCgBfzoubW51sDFbaoFI2I4ZTFkMmNiOWMyOC0xNzc1LTIyNmQtOTY2YTRhYjBkMjJhwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBaP-HfoFBAgAEACQBgCYBgC4BgDBBgkkLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfQ2AXSBw0BvgUBASYI2gcGAV7wfxgA4AcA6gcCCADwB66KcooIRwpDAAABkzLeXXBdtZFmDAqP87HARNWD85KcsEMZffqU_liBJt0DUlQpPqVeivA9q3AzgrWTZAwD8j--3SeNAO135gsWKRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGADaCAQIACAA4AgA&s=507f8b1378f52571bd610cfc168a4e619acf642e&pp=0.041441

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 59bbb040-9bed-447e-b99d-4e4743bd421b
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:35 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/246/ Frame EE01 81 KB
28 KB 156ms
47ms Script
application/x-javascript 23.32.238.154
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/246/trk.js
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3ba9de84337ba208fdafeb484461b6bf4dbbef80edf27f7aceb44ebcba1a7518

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Cache-Control: max-age=31536000
Content-Encoding: gzip
ETag: "e8ee9b193f2eb43cfd8dca60852635f9:1726038251.246527"
Connection: keep-alive
Expires: Sun, 16 Nov 2025 02:47:35 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 27884
Date: Sat, 16 Nov 2024 02:47:35 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 11 Sep 2024 07:04:11 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 widget.serverless.js Show response
static.vidazoo.com/basev/wgt/odin/1.0.16/ Frame EE01 172 KB
47 KB 73ms
22ms Script
application/javascript 172.64.154.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/wgt/odin/1.0.16/widget.serverless.js
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6fc9f53de0a4d3546b8ae8510e62b303cbe56ddd30217858dac8c9e9ca5ff37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-encoding: gzip
cf-cache-status: HIT
etag: "62397d3b913aca470db3d8da6c8001d1"
age: 8042
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Sun, 17 Nov 2024 02:47:35 GMT
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: application/javascript
last-modified: Sun, 03 Nov 2024 09:14:04 GMT
vary: Accept-Encoding
x-amz-id-2: dHtDJY005eZ4G2zMsZHb3V46W3Ff+ACpMBzzQyX3DtMNQyU2AuP5LX/zCJKQDeKoMrz/ue/tEsM=
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
x-amz-request-id: F0SHQFWGZ2NG981Z
cf-ray: 8e34283ddae61c99-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47560
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 204 unip Show response
trc-events.taboola.com/1328113/log/3/ 0
255 B 38ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1328113/log/3/unip?en=pre_d_eng_tb&tos=1648&scd=0&ssd=1&est=1731725253638&ver=36&isls=true&src=i&invt=1500&msa=6488&rv=1&tim=1731725255286&vi=1731725253635&ri=2c04a67fbf97462960a5d8ccb84effdb&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1328113/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Sat, 16 Nov 2024 02:47:35 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1328113/log/3/ Frame 0
0 65ms
12ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1328113/log/3/unip?en=pre_d_eng_tb&tos=1648&scd=0&ssd=1&est=1731725253638&ver=36&isls=true&src=i&invt=1500&msa=6488&rv=1&tim=1731725255286&vi=1731725253635&ri=2c04a67fbf97462960a5d8ccb84effdb&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://us.desenhopracolorir.com.br
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 16 Nov 2024 02:47:35 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H2 200 bootstrap.js Show response
s1.adform.net/mink/634/s1.adform.net/ Frame 31F2 38 KB
17 KB 164ms
43ms Script
text/javascript 37.157.4.21
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/634/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=77142872;rtbwp=XNDBWRqYZG3j9cOdRHPeFISV2OcaNIhalEus3w;rtbdata=4HHZyUutvz4wldpIFtIHbRRSwnYkZac7eYjTtOFC540HIySwpuhXs3VMcvqAsh8tikSyMY6XAlz-qrLWfHGTeSR-ZLI3ep12ML1IqY3uPS-g1zVH0DpK3Oo6XELVSBbZHOnQSNDvs2sIDB105qOSPUxR-4uXSg0svSstDAuRJ3zV3Ezd_4T1nK4QIbiOwUfTju2Xrfyx4IYio5XUF4szG0A5xDL0aR0pluyR1F53LYmBqVgcSavbfFEQqA0NLHUY2Io8g46rQ3wzHSJ7rPQEyJfJ9O5mgyRjeg7mM5pL3dvrohOHwizGqBgzvdXGwNvwZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.4.21 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99ac714e1069dd603be814ee92a5bfd8d42810a638471e7934c6e18a06cb7175

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Sun, 17 Nov 2024 05:53:24 GMT
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 31 Oct 2024 12:44:10 GMT

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 19ms
18ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=3&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=317ef1c0-58be-4941-9bc8-78f189cfa7e7&adu_code=26711&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x168%2C300x250&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=19&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C0.48994506%2C%2C0%2C%2C%2C%2C%2C%2C%2C&dom_i=936&dom_c=2246&loa_e=2248&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&win_bdr=improvedigital&win_mt=ban&win_ban_sz=300x250&win_net_cpm=0.48994506&win_og_cpm=0.48994506
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 18ms
18ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=123585-desenhopracolorir-com-br&v=3&pbjsv=9.16.0&pv_id=46647a13-959a-4d37-a3b7-5b9fe0b3aa6e&auct_id=375b0510-06b9-4181-aff8-758ee1777a29&adu_code=26323&url_dmn=us.desenhopracolorir.com.br&mts=ban&ban_szs=300x250%2C300x600&bdrs=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&pgtyp=article&plcmt=3&s_id=c2d54a13-8425-4240-aab9-04551d438704&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&bdrs_code=adagio%2Camx%2Ccriteo%2Ceplanning%2Cimprovedigital%2Ckueezrtb%2Cmoneytizer%2Copenx%2Coutbrain%2Crubicon%2Csharethrough%2Csmilewanted%2Csparteo%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C1%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C0.029404668755000002%2C0%2C%2C%2C%2C%2C%2C%2C&dom_i=936&dom_c=2246&loa_e=2248&bdrs_timeout=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&win_bdr=kueezrtb&win_mt=ban&win_ban_sz=300x600&win_net_cpm=0.029404668755000002&win_og_cpm=0.029404668755000002
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ 0
138 B 67ms
49ms XHR
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?tId=d04800bd-6691-49f2-bfda-0362acfc7af1&c=2
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283e9976b8b5-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare

POST
H3 204 impression Show response
intake.pbstck.com/v1/intake/ 0
102 B 80ms
65ms XHR
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?tId=d04800bd-6691-49f2-bfda-0362acfc7af1&c=2
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e34283e997ab8b5-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 31F2 5 KB
3 KB 29ms
29ms Script
text/javascript 37.157.2.228
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=77142872;rtbwp=XNDBWRqYZG3j9cOdRHPeFISV2OcaNIhalEus3w;rtbdata=4HHZyUutvz4wldpIFtIHbRRSwnYkZac7eYjTtOFC540HIySwpuhXs3VMcvqAsh8tikSyMY6XAlz-qrLWfHGTeSR-ZLI3ep12ML1IqY3uPS-g1zVH0DpK3Oo6XELVSBbZHOnQSNDvs2sIDB105qOSPUxR-4uXSg0svSstDAuRJ3zV3Ezd_4T1nK4QIbiOwUfTju2Xrfyx4IYio5XUF4szG0A5xDL0aR0pluyR1F53LYmBqVgcSavbfFEQqA0NLHUY2Io8g46rQ3wzHSJ7rPQEyJfJ9O5mgyRjeg7mM5pL3dvrohOHwizGqBgzvdXGwNvwZPSVCRcBPzE1;json=1;js=1;adfxid=1x;9907;set=nl-NL|nl-NL|1600X1200||300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fus.desenhopracolorir.com.br%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/634/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

d49a7138859ecb5c118ff01f6162b301a153332045bd6bc397f1123e8a38ef19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 2821
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/app/245/ Frame EE01 118 KB
35 KB 165ms
39ms Script
application/x-javascript 23.32.238.154
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/app/245/trk.js
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c6ed3c61f2cbf6b793c72e4173c8cf582a7c4ffd6ed7c989b0b92f442959552a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Cache-Control: max-age=31536000
Content-Encoding: gzip
ETag: "ab3872b3bb7f1621863ec0b21c19238a:1718880551.53183"
Connection: keep-alive
Expires: Sun, 16 Nov 2025 02:47:35 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 35721
Date: Sat, 16 Nov 2024 02:47:35 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 20 Jun 2024 10:49:11 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2

200

c.gif
www.bing.com/aes/ Frame EE01
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2e6d09a2-6963-412b-a4bd-9815ef2cfe79&bidId=15000&bidderId=4&cmExpId=LV2&impId=6752463083786637299&oAdUnit=391466&publisherId=162645...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7c0fb9cde4854ddf895d7620a8f195f2&SNR=1&GV=2&med=10

0
546 B

78ms
77ms

Image
text/plain

2.23.209.187
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7c0fb9cde4854ddf895d7620a8f195f2&SNR=1&GV=2&med=10
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Server: 2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-209-187.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private,no-store
x-cdn-traceid: 0.3bd01702.1731725255.84f7142
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69E8423F11E4471F81DAA124683DFBCF Ref B: FRA31EDGE0420 Ref C: 2024-11-16T02:47:35Z
alt-svc: h3=":443"; ma=93600
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length: 0
date: Sat, 16 Nov 2024 02:47:35 GMT
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7c0fb9cde4854ddf895d7620a8f195f2&SNR=1&GV=2&med=10
x-cdn-traceid: 0.3bd01702.1731725255.84f70c1
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A8003A720A54B85AE498A8C1F85A31A Ref B: FRA31EDGE0517 Ref C: 2024-11-16T02:47:35Z
expires: 0
alt-svc: h3=":443"; ma=93600
content-length: 154
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/html; charset=utf-8
vary: Origin

GET
H2 200 th
www.bing.com/ Frame EE01 47 KB
47 KB 126ms
44ms Image
image/jpeg 2.23.209.187
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246447236051_1U6MG4V8F88I20KPF7&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=300&qlt=90
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-209-187.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9c96015a633d51add7b91b455e8397620e77ee66996acef8c00060b012ff207

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: public, max-age=2592000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.3bd01702.1731725255.84f70c0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 48099
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame BE42 0
0 45ms
12ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8826&pub_id=1133447
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75798
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 16 Nov 2024 02:47:35 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1451771, 254288
X-Served-By: cache-lga21993-LGA, cache-ams2100107-AMS
X-Timer: S1731725256.652063,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame EE01 0
965 B 21ms
21ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&e=wqT_3QKgBfBMoAIAAAMA1gAFAQjGj-C5BhDzn6rg4Kzk2l0Yuufd4LLruuEUKjYJGpNxEp9Vpj8RJrK4hL03pT8ZAAAAoEfhDEAhJrK4hL03pT8pGpMJJNgxAAAAwMzM3D8wo9ncDDj6REC1XkjjA1C6iYq2AVj9s1dgAGjRmsUBeNDYBYABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC6dVG6gIkaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvgAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDkLmGAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE3Ni42Ny44MS4zMKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6iYq2AfoEEgkAAADAIOBCQBEAAACgm3RYwIgFAZgFAKAF_Oi5tbnWwMVtqgUjYjhlMWQyY2I5YzI4LTE3NzUtMjI2ZC05NjZhNGFiMGQyMmHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWj_h36BQQIABAAkAYAmAYAuAYAwQYAAAkxJNAGwo0E2gYWChABEC4BAHAQABgA4AYB8gYCCACABwGIBwCgBwHIB9DYBdIHDRVlASYM2gcGCAUJ8HXgBwDqBwIIAPAHropyighHCkMAAAGTMt5dcF21kWYMCo_zscBE1YPzkpywQxl9-pT-WIEm3QNSVCk-pV6K8D2rcDOCtZNkDAPyP77dJ40A7XfmCxYpEAGVCAAAgD-YCAHACADSCAYIABAAGADaCAQIACAA4AgA&s=9fb03cbd586ac3803ace70b71cc9741dcf108392&bdref=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fus.desenhopracolorir.com.br%2F,https%3A%2F%2Fus.desenhopracolorir.com.br%2F&

Requested by

Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: aa7488d0-a771-443c-a73c-61c64b52eaf8
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:35 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 Standard Show response
s1.adform.net/mink/634/s1.adform.net/load/v/0.0.254/e/.gSBgiDS/i/uEAv-wgAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 31F2 91 KB
38 KB 29ms
29ms Script
text/javascript 37.157.4.21
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/634/s1.adform.net/load/v/0.0.254/e/.gSBgiDS/i/uEAv-wgAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/634/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.4.21 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 92fdf7f7dec4f9790db7e9f1e1819f88dd5dd30dfe147c3c625716eb584fd6f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Sun, 17 Nov 2024 05:53:24 GMT
access-control-allow-origin: *
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 31 Oct 2024 12:44:10 GMT

POST
H2 204 dyex
track.kueezssp.com/ Frame EE01 0
566 B 152ms
107ms Ping
text/plain 104.26.1.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.kueezssp.com/dyex?x=1&prx=0&beacon=1&_=1731725254672
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQ3VNQ1NnYfQxYWvqB4SNuMcu%2FycDyZ0NJUS8S2wSbj2qzjl5owlo1TQaamlEyh8%2BYbqkQ0yo6AY8AkA7ujAODX7G3OmYFCpTtJBTRCyzcTl4r2OyZcK%2FjYlXmWeLdoP8%2FScFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3428400922b7c6-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
server-timing: cfL4;desc="?proto=TCP&rtt=12219&sent=9&recv=14&lost=0&retrans=0&sent_bytes=4025&recv_bytes=3370&delivery_rate=292164&cwnd=254&unsent_bytes=0&cid=f9bbeaff1462e74f&ts=119&x=0"
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare

POST
H2 204 dyex
gtrack.kueezssp.com/ Frame EE01 0
570 B 159ms
117ms Ping
text/plain 172.67.71.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrack.kueezssp.com/dyex?x=1&prx=0&beacon=1&_=1731725254673
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiW6RafGtSLEhiU%2B2%2B5lQQbKXSgufuiVrQvSDrJOaeZ%2FeDd8zqrjRk9KduyrSOjCU%2F4aQojIaEF%2BgSyC%2BEGid4L%2BTjvWQttSpZlkneO4MBhwehiGTR4g0sTlZ7qp%2BtecZP%2FwtYc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3428400c9c66bd-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
server-timing: cfL4;desc="?proto=TCP&rtt=11620&sent=9&recv=14&lost=0&retrans=0&sent_bytes=4026&recv_bytes=3404&delivery_rate=341037&cwnd=254&unsent_bytes=0&cid=f6cad3641cda92a1&ts=126&x=0"
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare

POST
H2 204 dyex
otrack.kueezssp.com/ Frame EE01 0
565 B 158ms
114ms Ping
text/plain 172.67.71.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otrack.kueezssp.com/dyex?x=1&prx=0&beacon=1&_=1731725254673
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QT5KWhhbOyhR0syFyBXjch%2FxpN1OvDlXQO%2F%2F7D%2FmQcRL5mEXHHS162Ec4PSr3B8WR98MtxVOvCGBZfgGlxqeD6Ok2QcTARw20VKFbrSxLmCmKARSEZod8F6S7Z0CJsqoZI0qEn4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3428400b2d9719-AMS
access-control-allow-origin: https://us.desenhopracolorir.com.br
server-timing: cfL4;desc="?proto=TCP&rtt=11530&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4003&recv_bytes=3404&delivery_rate=355306&cwnd=253&unsent_bytes=0&cid=9b6894eab0227594&ts=125&x=0"
date: Sat, 16 Nov 2024 02:47:35 GMT
server: cloudflare

POST
H2 204 bid_won
exchange.kueezrtb.com/api/v1/ Frame EE01 0
298 B 90ms
89ms Ping
text/plain 198.199.71.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/api/v1/bid_won
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.199.71.70 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Sat, 16 Nov 2024 02:47:35 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 aggregate_beacon
bisrtb.cootlogix.com/ Frame EE01 0
183 B 377ms
182ms Ping
text/plain 143.244.162.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bisrtb.cootlogix.com/aggregate_beacon
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.244.162.144 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: text/plain
access-control-allow-headers: *

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame EE01 0
989 B 20ms
20ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&e=wqT_3QLwCPBMcAQAAAMA1gAFAQjGj-C5BhDzn6rg4Kzk2l0Yuufd4LLruuEUKjYJGpNxEp9Vpj8RJrK4hL03pT8ZAAAAoEfhDEAhJrK4hL03pT8pGpMJJNgxAAAAwMzM3D8wo9ncDDj6REC1XkjjA1C6iYq2AVj9s1dgAGjRmsUBeNDYBYABAYoBA1VTRJIBAQb0jgGYAawCoAHYBKgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC6dVG6gIkaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvgAMAiAMBkAMAmAMUoAMBqgPHAwrdAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTBjYWRkMzFlLTg5MWQtNDM5Mi05YzI3LTFmZjk4ZGEyYzBmMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGNhZGQzMWUtODkxZC00MzkyLTljMjctMWZmOThkYTJjMGYwJnJlZ2lvbj1lbWVhJnJ0eXBlPW51cmwmdGFnSWQ9MjY2ODQ1NzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmEFGXxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0R8MlQUklDRX0SBTEyMDg1GhM2NzUyNDYzMDgzNzg2NjM3Mjk5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56YzFNVFUzTmprM056UTRNRGtqTWpNeU9UTXhOVE00TkRJek5EUTJPQT09wAPYBMgDANgDkLmGAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE3Ni42Ny44MS4zMKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6QasM-gQSCUHLECDgQkARQe_wTJt0WMCIBQGYBQCgBfzoubW51sDFbaoFI2I4ZTFkMmNiOWMyOC0xNzc1LTIyNmQtOTY2YTRhYjBkMjJhwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBaP-HfoFBAgAEACQBgCYBgC4BgDBBgkkLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfQ2AXSBw0BvgUBASYI2gcGAV7wfxgA4AcA6gcCCADwB66KcooIRwpDAAABkzLeXXBdtZFmDAqP87HARNWD85KcsEMZffqU_liBJt0DUlQpPqVeivA9q3AzgrWTZAwD8j--3SeNAO135gsWKRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGADaCAQIACAA4AgA&s=507f8b1378f52571bd610cfc168a4e619acf642e&type=nv&nvt=5&jm=1003&px=1114&py=501&bw=300&bh=300&sid=9164672541464372932&vd=ct~0|rr~0&sv=246&tv=view7-1hs&ua=chrome52&pl=linux&x=v&tag_id=26684579&sw=1600&sh=1200&pw=1600&ph=8555&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/246/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
an-x-request-uuid: 695bf8c5-6a5a-45c3-9dd8-d2bf2e54018d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:35 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

POST
H2 200 /
track.adform.net/csimpr/ Frame 31F2 35 B
600 B 28ms
28ms Ping
image/gif 37.157.2.228
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=77142872&csi=rH9sCJt3pr6JIuqav4gGNBW3_40i2e-KBz-RIcfnWJeUAVx2287kiHWkRjinUD-vGCOUpk9KUGZWarlqdoY-IdMOxf_opwQw8aWtwwcvXIEyM7RvLlxtc4L1Ji9a1nNZIm8I0nRrnNk0gtUNVE7DVOfAwe4EHM330EYHEqVZ3SjhcEI73F91sAr2x4wEEbqv0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/634/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://us.desenhopracolorir.com.br
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Sat, 16 Nov 2024 02:47:35 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET
H2 200 66412982.gif
s1.adform.net/Banners/66412982/ Frame 31F2 220 KB
221 KB 30ms
29ms Image
image/gif 37.157.4.21
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/66412982/66412982.gif?bv=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.4.21 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: acdc7696b4cc15aa8f3394a324bf57e7b9dcbf75816b90073a568501fc22452c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "10419b0ee1f3a7f14ade284a6cd8e21d"
x-amz-request-id: tx00000b7b4df95a8b52cfc-006731b2c1-3299254a-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 225387
date: Sat, 16 Nov 2024 02:47:35 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Tue, 22 Oct 2024 18:11:04 GMT
server: nginx

GET
H2

204

setuid
u.4dex.io/
Redirect Chain

https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://u.4dex.io/setuid?bidder=rtbhouse&uid=dW-iyY_CknzZVk-O4QRjTWxbi9LPevMYNtQhmK8tlzE&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1

0
794 B

46ms
18ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rtbhouse&uid=dW-iyY_CknzZVk-O4QRjTWxbi9LPevMYNtQhmK8tlzE&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

via: 1.1 google
expires: 0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
date: Sat, 16 Nov 2024 02:47:36 GMT
vary: Origin, Accept-Encoding

Redirect headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://u.4dex.io/setuid?bidder=rtbhouse&uid=dW-iyY_CknzZVk-O4QRjTWxbi9LPevMYNtQhmK8tlzE&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length: 0
date: Sat, 16 Nov 2024 02:47:36 GMT, Sat, 16 Nov 2024 02:47:36 GMT
pragma: no-cache
vary: Accept-Encoding

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ 0
102 B 46ms
46ms XHR
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?tId=d04800bd-6691-49f2-bfda-0362acfc7af1&c=1
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cf-ray: 8e3428450cd9b8b5-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Sat, 16 Nov 2024 02:47:36 GMT
server: cloudflare

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame EE01 0
990 B 20ms
20ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&e=wqT_3QLwCPBMcAQAAAMA1gAFAQjGj-C5BhDzn6rg4Kzk2l0Yuufd4LLruuEUKjYJGpNxEp9Vpj8RJrK4hL03pT8ZAAAAoEfhDEAhJrK4hL03pT8pGpMJJNgxAAAAwMzM3D8wo9ncDDj6REC1XkjjA1C6iYq2AVj9s1dgAGjRmsUBeNDYBYABAYoBA1VTRJIBAQb0jgGYAawCoAHYBKgBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC6dVG6gIkaHR0cHM6Ly91cy5kZXNlbmhvcHJhY29sb3Jpci5jb20uYnIvgAMAiAMBkAMAmAMUoAMBqgPHAwrdAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTBjYWRkMzFlLTg5MWQtNDM5Mi05YzI3LTFmZjk4ZGEyYzBmMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGNhZGQzMWUtODkxZC00MzkyLTljMjctMWZmOThkYTJjMGYwJnJlZ2lvbj1lbWVhJnJ0eXBlPW51cmwmdGFnSWQ9MjY2ODQ1NzkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmEFGXxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0R8MlQUklDRX0SBTEyMDg1GhM2NzUyNDYzMDgzNzg2NjM3Mjk5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56YzFNVFUzTmprM056UTRNRGtqTWpNeU9UTXhOVE00TkRJek5EUTJPQT09wAPYBMgDANgDkLmGAuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDDE3Ni42Ny44MS4zMKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6QasM-gQSCUHLECDgQkARQe_wTJt0WMCIBQGYBQCgBfzoubW51sDFbaoFI2I4ZTFkMmNiOWMyOC0xNzc1LTIyNmQtOTY2YTRhYjBkMjJhwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBaP-HfoFBAgAEACQBgCYBgC4BgDBBgkkLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfQ2AXSBw0BvgUBASYI2gcGAV7wfxgA4AcA6gcCCADwB66KcooIRwpDAAABkzLeXXBdtZFmDAqP87HARNWD85KcsEMZffqU_liBJt0DUlQpPqVeivA9q3AzgrWTZAwD8j--3SeNAO135gsWKRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGADaCAQIACAA4AgA&s=507f8b1378f52571bd610cfc168a4e619acf642e&type=pv&jm=1003&px=1114&py=501&bw=300&bh=300&sf=0.96&sid=9164672541464372932&vd=ct~0|rr~5&sv=246&tv=view7-1hs&ua=chrome52&pl=linux&x=v&tag_id=26684579&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/246/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
an-x-request-uuid: 8498283d-8d78-4ff4-9e9e-8b7a68f0a6d5
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:36 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2e6d09a2-6963-412b-a4bd-9815ef2cfe79&bidId=15000&bidderId=4&cmExpId=LV2&impId=6752463083786637299&oAdUnit=391466&publisherId=162645...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c0fb9cde4854ddf895d7620a8f195f2&tids=15000&med=10

0
18 B

77ms
77ms

Image
text/plain

2.23.209.187
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c0fb9cde4854ddf895d7620a8f195f2&tids=15000&med=10
Protocol: H3
Server: 2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-23-209-187.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private,no-store
x-cdn-traceid: 0.3bd01702.1731725256.84f75cc
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9508E70EB9C40BE982190CEA7710E35 Ref B: FRA31EDGE0721 Ref C: 2024-11-16T02:47:36Z
quic-version: 0x00000001
alt-svc: h3=":443"; ma=93600
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length: 0
date: Sat, 16 Nov 2024 02:47:36 GMT
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c0fb9cde4854ddf895d7620a8f195f2&tids=15000&med=10
x-cdn-traceid: 0.3bd01702.1731725256.84f759c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 88D8F652C6A94C69B9DBF10FBAC6B649 Ref B: FRA31EDGE0209 Ref C: 2024-11-16T02:47:36Z
quic-version: 0x00000001
expires: 0
alt-svc: h3=":443"; ma=93600
content-length: 146
date: Sat, 16 Nov 2024 02:47:36 GMT
content-type: text/html; charset=utf-8
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 12ms
12ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&domain=us.desenhopracolorir.com.br&cw=1&pbt=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 16 Nov 2024 02:47:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 219270
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 477 B
1 KB 15ms
14ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&domain=us.desenhopracolorir.com.br&cw=1&pbt=1&lsw=1&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36daec817dc84c0b3eeb39e4c17d59624121ac83fd8461ff547a696ee3ce08d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 871770
expires: 0
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:36 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
429 B 29ms
29ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8526f98af1db69fcff58c83e8a75d0bf424b7267800f1c8d0bb4e47aac63eb9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://us.desenhopracolorir.com.br/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Mon, 16 Dec 2024 02:47:36 GMT
access-control-allow-origin: https://us.desenhopracolorir.com.br
date: Sat, 16 Nov 2024 02:47:36 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H2 204 /
onetag-sys.com/usync/ Frame 838E 0
0 27ms
26ms Document
text/plain 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1731725253680&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync
ssp.wp.pl/bidder/ Frame FD99 0
0 126ms
43ms Document
text/html 212.77.99.29
WirtualnaPolska W...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=85792606238868830000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 02:47:37 GMT
last-modified: Thu, 22 Aug 2024 12:38:28 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 8676 0
0 37ms
13ms Document
text/plain 163.5.194.37
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 16 Nov 2024 02:47:36 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 4BB7 0
0 12ms
12ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75799
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 16 Nov 2024 02:47:36 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1451771, 254290
X-Served-By: cache-lga21993-LGA, cache-ams2100107-AMS
X-Timer: S1731725257.917058,VS0,VE0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 5A9D 0
0 62ms
12ms Document
text/html 89.149.193.101
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.101 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store
content-length: 957
content-type: text/html
date: Sat, 16 Nov 2024 02:47:36 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 200 be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame CE36 0
0 47ms
16ms Document
text/html 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by: Host: us.desenhopracolorir.com.br
URL: https://us.desenhopracolorir.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 16 Nov 2024 02:47:37 GMT
expires: Sat, 16 Nov 2024 02:47:37 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

POST
H2 200 aggregate Show response
bis6.vidazoo.com/ Frame EE01 0
183 B 313ms
92ms XHR
text/plain 157.230.176.78
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bis6.vidazoo.com/aggregate
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/wgt/odin/1.0.16/widget.serverless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.176.78 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: text/plain
access-control-allow-headers: *

GET
H2 200 sync
eb2.3lift.com/ Frame 986D 0
0 94ms
18ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1096
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 02:47:37 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 isyn
prebid.a-mo.net/ Frame 40D7 0
0 18ms
17ms Document
text/plain 163.5.194.37
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 16 Nov 2024 02:47:37 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 /
sync.kueezrtb.com/api/sync/iframe/ Frame 6C26 0
0 347ms
89ms Document
text/html 198.199.89.209
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.199.89.209 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 109
content-type: text/html
date: Sat, 16 Nov 2024 02:47:38 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 0D4B 0
0 36ms
35ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 02:47:37 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 iframe.html
sync.sparteo.com/sync/ Frame 59C9 0
0 148ms
76ms Document
text/html 104.18.30.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.sparteo.com/sync/iframe.html?from=prebidjs&gdpr=0&gdpr_consent=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, authorization, accept
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8e34284e393c9712-AMS
content-encoding: gzip
content-type: text/html
date: Sat, 16 Nov 2024 02:47:38 GMT
last-modified: Thu, 07 Nov 2024 14:58:55 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding

GET
H2 200 /
csync.smilewanted.com/ Frame ABB7 0
0 175ms
108ms Document
text/html 104.22.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8e34284e3dd8b987-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 02:47:38 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd
moneytizer-d.openx.net/w/1.0/ Frame A9CB 0
0 69ms
60ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 494
content-type: text/html
date: Sat, 16 Nov 2024 02:47:37 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 syncframe
gum.criteo.com/ Frame A866 0
0 16ms
14ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=us.desenhopracolorir.com.br&gpp=

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.16.0u2.0.19/1988be2d54262486432f6f08a8752fe9/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://us.desenhopracolorir.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 02:47:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 790736
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ 43 B
479 B 308ms
106ms Image
image/gif 98.82.157.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=70e41d82-3893-4b7f-85ba-640f49dcb49f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-137.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: 6JM21SKCJ7GAJSAMB875
Content-Length: 43
Date: Sat, 16 Nov 2024 02:47:38 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H/1.1 200
OK prebid
b1h.zemanta.com/usersync/ 26 B
388 B 109ms
106ms Image
image/gif 64.74.236.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.74.236.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="We do not support P3P header."
content-length: 26
date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: image/gif

GET
H2 204 v1
match.sharethrough.com/universal/ 0
58 B 68ms
19ms Image
text/plain 18.195.234.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.195.234.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-234-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2

200

um
u-ams03.e-planning.net/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=0CC7386A-D5A3-4B90-AEEB-3E67F8FEF4D3&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7Bvisitor_cookie%7D%26dc%3D83623068d1df1220%26fi%3D87be82dd6...
https://u-ams03.e-planning.net/um?uid={visitor_cookie}&dc=83623068d1df1220&fi=87be82dd63ab617a

42 B
103 B

14ms
14ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid={visitor_cookie}&dc=83623068d1df1220&fi=87be82dd63ab617a
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: image/gif
server: openresty

Redirect headers

keep-alive: timeout=25
location: https://u-ams03.e-planning.net/um?uid={visitor_cookie}&dc=83623068d1df1220&fi=87be82dd63ab617a
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
p3p: CP="NID DSP ALL COR"
date: Sat, 16 Nov 2024 02:47:37 GMT
x-xss-protection: 0
server: nginx

GET
H2 200 70e41d82-3893-4b7f-85ba-640f49dcb49f
pr-bh.ybp.yahoo.com/sync/sharethrough/ 43 B
426 B 93ms
33ms Image
image/gif 52.16.54.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/sharethrough/70e41d82-3893-4b7f-85ba-640f49dcb49f?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-39.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: image/gif
server: ATS
x-frame-options: DENY

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 31ms
28ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-length: 70
date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: image/gif
server: Kestrel

GET

um
u-ams03.e-planning.net/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26...
https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=87be82dd63ab617a

0
0

GET
H2 200 p-_jQ037pSmtjhN.gif
cms.quantserve.com/pixel/ 43 B
167 B 46ms
25ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-store, proxy-revalidate
content-length: 43
date: Sat, 16 Nov 2024 02:47:37 GMT
content-type: image/gif

GET
H2 204 sharethrough
tr.blismedia.com/v1/api/sync/ 0
173 B 86ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/sharethrough?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

via: 1.1 google
date: Sat, 16 Nov 2024 02:47:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

k-n7bJEtEwd_kRiYavAaATRyMLvnic9mE3U45fFg
csync.smilewanted.com/set_partner_userid_get/criteo/
Redirect Chain

https://x.bidswitch.net/sync?ssp=criteo&custom_data=UErapl9YJTJGc3phejRrWVZVTDVXajNjcUdnS2UlMkJKMWVkc2ZDU0JER0M5TCUyRmJtbmJRJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-6sFOb9Ew...
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=UErapl9YJTJGc3phejRrWVZVTDVXajNjcUdnS2UlMkJKMWVkc2ZDU0JER0M5TCUyRmJtbmJRJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-6s...
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://widget.us.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-6sFOb9Ewd_kRiYavAaATRyMLvng5cQK-Na3voA&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=P6aBnV9QVkJZZEN0RTVPa01QVW9OJTJGaGZOTWdWNW8zcnE0WEZtUEtmUktaSWUwaDVDUTd2MUNLeW9GS1NwZTVKaVhieFFJUWl0MWEwc0hNWE5LRzJXeHlubWxHRjBBdG1TYnhOMzdSV1NvdGI5akN...
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-n7bJEtEwd_kRiYavAaATRyMLvnic9mE3U45fFg

0
482 B

137ms
113ms

Image
text/html

104.22.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-n7bJEtEwd_kRiYavAaATRyMLvnic9mE3U45fFg
Protocol: H2
Server: 104.22.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-ray: 8e3428519b020a47-AMS
date: Sat, 16 Nov 2024 02:47:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
location: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-n7bJEtEwd_kRiYavAaATRyMLvnic9mE3U45fFg
content-length: 0
date: Sat, 16 Nov 2024 02:47:37 GMT
server: Kestrel
cross-origin-resource-policy: cross-origin

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q%26u%3d%24UID&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=M5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q&u=219247319205787899&gdpr=0&gdpr_consent=

0
142 B

62ms
14ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=M5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q&u=219247319205787899&gdpr=0&gdpr_consent=

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://us.desenhopracolorir.com.br/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Sat, 16 Nov 2024 02:47:37 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://ssp-sync.criteo.com/user-sync/match?p=M5zGlF9uQ1hsejhJSllWV2NnSFNYRE5NaHB6MVg0SVFPRSUyQlE1OXVHYzRjb2thY2MlM0Q&u=219247319205787899&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.81.30; 176.67.81.30; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 5d5b4a61-d019-4757-8dc9-3aa66180ee5a
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 16 Nov 2024 02:47:38 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 204 unip Show response
trc-events.taboola.com/1328113/log/3/ 0
254 B 12ms
12ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1328113/log/3/unip?en=pre_d_eng_tb&tos=4650&scd=0&ssd=1&est=1731725253638&ver=36&isls=true&src=i&invt=3000&msa=6488&rv=1&tim=1731725258288&vi=1731725253635&ri=2c04a67fbf97462960a5d8ccb84effdb&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1328113/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://us.desenhopracolorir.com.br/

Response headers

access-control-allow-origin: https://us.desenhopracolorir.com.br
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Sat, 16 Nov 2024 02:47:38 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1328113/log/3/ Frame 0
0 12ms
12ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1328113/log/3/unip?en=pre_d_eng_tb&tos=4650&scd=0&ssd=1&est=1731725253638&ver=36&isls=true&src=i&invt=3000&msa=6488&rv=1&tim=1731725258288&vi=1731725253635&ri=2c04a67fbf97462960a5d8ccb84effdb&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fus.desenhopracolorir.com.br%2F&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://us.desenhopracolorir.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://us.desenhopracolorir.com.br
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 16 Nov 2024 02:47:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241112&jk=2456334195064758&bg=!5uWl5arNAAY7_TBtG_07ADQBe5WfOP0-5jbDkCWSdzaTNBGRvPJP3QBMQs4gMZz_Rk8BY1Jgpw0VXlcol1pGFtO2ZFc9AgAAAEBSAAAABGgBB34ANrkHZ4v6ylme5cnPASDP6QzEz3yI2kaKGPwa8UlpKFPbCeTpPlqeXyRPyjg0cKeYRAVXcr-PSAoAFZeqEJmcfXlD_ScMmbabzz2FOPUnGpkCmQUSj1l7apOUP22xzBtHRGvWSV1sj36l0ans8qLdosHRWkbSG6_maiXLo7L21xDnV4l3GfMnr65kNwtK-Emn4XpVvwwacE_RlI0kzbT-1EfY3nD-YS2KibiAjD_PSisr1wFOBOVj5oWDS3nzZDK9iXDQTtUAUJIgDK1a1S5rIDWd0MbOG2d773DGuTiABtzImZEzubBhG_AQN00c6-1EVSXGo4iEmpJT61myUpg9tK9A5k7BPjBeRKqdzAP0ZvMqSMMIS6KE-dv8rlKb2TtjQvVlhVpal88YKyFM6-Qx8UH4noH7ebxzbnrwgS-dQTehmi0EfMSAj5mYqO0qc_UjMe_vBUZdJIR4A8l4RfqUv0ugHIQC-WXw3utN6KnM5A7RQTe_ayduBPdhv8VIrLVvSpXiaZ_oJ79KESib43SmAhrpfxAu9U_lwdEbZ3q6CX6NGaIEHvbxllW36O6sSPfTVWqB6I21LX_S-qJdumHNxwAI9-aM2vnNmfnXdk53vqaZtwehwljRQ8mBIDyj92wmVf9xIW0zdeMIaf3pwNjcp3WUrd6jPQb9k5D3wIqJqI0vkDcFuDFbLn1AMOb3U0Aym7DUWjr-plI_g1i3RMlm1_3gJ2UkZ3mdB0WR7fOeka-uJmQFBVpxFsMZM5N0Qd_QDg_4nzElXfNcEkkeckFRmzZ4EmK4kH-x8baHOti17y5pUPZRGwuj5z7cD8wec_O-6yiuCT--8uxbqLV5xHOLD7HjGgMPqEIFhHwfMlFAqUaBSWGbGe2Fdu0rHZWN0aOWzMxklM5-VHEHp8vardqMLjeuybXNkOgcrllz9vqRjJv5Yud8VRIUseeaw5DAC4wXInM6BRK7HLjDTvlrZSGPnWgKW1Bvg-37lHK3

Domain: u-ams03.e-planning.net
URL: https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=87be82dd63ab617a

Verdicts & Comments Add Verdict or Comment

727 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

120 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 03:11:41	Name: sync Value: CgoIgAIQ1dn5lrMyCgoIoQEQ1dn5lrMyCgoI4gEQ1dn5lrMyCgoI5gEQ1dn5lrMyCgoIhwIQ1dn5lrMyCgkIOhDV2fmWszIKCQgbENXZ-ZazMgoKCIwCENXZ-ZazMgoKCKwCENXZ-ZazMgoJCF8Q1dn5lrMy
.smartadserver.com/api	1970-01-21 03:11:41	Name: pid Value: 4547534016728975167
.criteo.com/	1970-01-21 10:23:41	Name: receive-cookie-deprecation Value: 1
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.desenhopracolorir.com.br/	1970-01-21 10:38:05	Name: _ga_WSVJYTF9TJ Value: GS1.1.1731725253.1.0.1731725253.0.0.0
.desenhopracolorir.com.br/	1970-01-21 10:38:05	Name: _ga Value: GA1.1.1926116987.1731725253
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: cf_clearance Value: D46RbXYFYGbQSSS2E8ZWNXDc.bxJhzCF4Way8IKDSIg-1731725253-1.2.1.1-ACc0ueDpSQQXaGIOOrARruZZVQCkO9I_4HVLj19uIlCxeXmQJb4E30vEb7sZ7bYvnLPgaacGoRxnYexx_AftM7HBJQXZLWgZkW8AbWQjGX0fdUxMFSoFEkWWhf6VS4acGmlxKklZuop_8Z38QUpY1SL3DMxT_tDnoIxrhqVH4tAnzoN6T1fyn6Mu9NmsxTfSxlla0P7MzoRC6u9kx13ALDqXmd0XmCXQ3yU4Jk8d.jDyaHqgPywBwvkK5f7E6aw1jV86vtL8fne1inPyhZxGh34bYSLFF6f.BOs.ArrqL7WeavB2YG1sDGGhXG9ykqkpVpGpUrQoekiVf8UiGUJ07ICSm3vjT.CEhAF7y48GmE_86nRN_JlJPtxf3T4lXm0G
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: _hjSessionUser_3845466 Value: eyJpZCI6IjU0MmRlMGY1LTFlZjEtNWY1MC04YmVjLWNmNTJkNTJmNjE0ZiIsImNyZWF0ZWQiOjE3MzE3MjUyNTM0MzksImV4aXN0aW5nIjpmYWxzZX0=
.desenhopracolorir.com.br/	1970-01-21 01:02:07	Name: _hjSession_3845466 Value: eyJpZCI6ImFmZWFkYjMyLTFhZDYtNDUwZC04YmM0LTczZjcwNjJhMTA2NCIsImMiOjE3MzE3MjUyNTM0NDAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.us.desenhopracolorir.com.br/	1970-01-21 10:23:41	Name: usprivacy Value: 1N--
.desenhopracolorir.com.br/	1970-01-21 03:11:41	Name: _gcl_au Value: 1.1.2070183189.1731725253
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: _sharedID Value: 2ce22d9e-7ae7-48d2-b343-b11b019115ee
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: _sharedID_cst Value: kSylLAssaw%3D%3D
.adnxs.com/	1970-01-21 10:38:05	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:11:41	Name: XANDR_PANID Value: DSRrrvRqsz3haf40wz5a_G1nr6nU9mmmuyJbz7_J8IT86WwcsY9i6L-L42Ofn1mQBUE_zYHBPdULa4ucy16tWkT46sNso-o1pXt6AU_EUZw.
.adnxs.com/	1970-01-21 03:11:41	Name: icu Value: ChkIh9ubARAKGAEgASgBMMWP4LkGOAFAAUgBEMWP4LkGGAA.
.adnxs.com/	1970-01-21 03:11:41	Name: uuid2 Value: 219247319205787899
.desenhopracolorir.com.br/	1970-01-21 03:11:41	Name: sharedid Value: 3640a9fe-aaa1-4233-884d-6faaeb812e4e
.desenhopracolorir.com.br/	1970-01-21 03:11:41	Name: sharedid_cst Value: kSylLAssaw%3D%3D
.criteo.com/	1970-01-21 10:23:41	Name: uid Value: 2178b37f-9e4f-459c-861f-f5f369087bda
.crwdcntrl.net/	1970-01-21 07:30:50	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 07:30:50	Name: _cc_id Value: 99499273aca5c78b466772c1e0e704eb
.crwdcntrl.net/	1970-01-21 07:30:53	Name: _cc_cc Value: "ACZ4nGNQsLQ0sbQ0MjdOTE40TTa3SDIxMzM3N0o2TDVINTcwSU1iAIJ0C%2FajDAgAAEBrCf4%3D"
.crwdcntrl.net/	1970-01-21 07:30:53	Name: _cc_aud Value: "ABR4nGNgYGBIt2A%2FygAHABFXAWw%3D"
.desenhopracolorir.com.br/	1970-01-21 07:30:53	Name: _cc_id Value: 99499273aca5c78b466772c1e0e704eb
.desenhopracolorir.com.br/	1970-01-21 01:12:10	Name: panoramaId Value: 52162f1ffb164582d1f9337fd9d6185ca02ccada1e2c8e78bc1de91027327d0a
.desenhopracolorir.com.br/	1970-01-21 01:02:05	Name: lotame_domain_check Value: desenhopracolorir.com.br
.desenhopracolorir.com.br/	1970-01-21 01:12:10	Name: panoramaId_expiry Value: 1732330053962
.desenhopracolorir.com.br/	1970-01-21 01:12:10	Name: panoramaIdType Value: panoDevice
.openx.net/	1970-01-21 09:47:41	Name: i Value: dc25fa4b-a6de-4d17-9e97-473da449d6b8\|1731725253
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-21 10:38:05	Name: E Value: AEyXMOkwCjCv0z-D
.quantserve.com/	1970-01-21 10:32:19	Name: mc Value: 673807c6-20efa-bdf8f-8883a
.sharethrough.com/	1970-01-21 01:45:17	Name: stx_user_id Value: 4e23ca76-ea02-4b23-b771-9a26e99a8567
.3lift.com/	1970-01-21 03:11:41	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:38:05	Name: IDE Value: AHWqTUnKZsDcDLd6ujnutuwtZJLpCYkEhZBIpV3XzDJgs2mj7yBW_MONYScs18aKhuA
.360yield.com/	1970-01-21 03:11:41	Name: tuuid_lu Value: 1731725254
.desenhopracolorir.com.br/	1970-01-21 10:23:41	Name: __gads Value: ID=17d0fcf2e5db8ea1:T=1731725253:RT=1731725253:S=ALNI_Mb8ilttuxb_wVDdmUVSEdeTHvngUQ
.desenhopracolorir.com.br/	1970-01-21 10:23:41	Name: __gpi Value: UID=00000f32de1e50ef:T=1731725253:RT=1731725253:S=ALNI_MYDiuRmyIRt1ksZ0XsnuncnXZnyzw
.desenhopracolorir.com.br/	1970-01-21 05:21:17	Name: __eoi Value: ID=6e14d0d98f712ff9:T=1731725253:RT=1731725253:S=AA-AfjbIHc1Ve2AitKEJ2lfaBs0O
.rubiconproject.com/	1970-01-21 09:47:41	Name: khaos Value: M3JKI5SH-D-8OF1
.3lift.com/	1970-01-21 03:11:41	Name: tluid Value: 3314261299151229628879
.360yield.com/	1970-01-21 03:11:41	Name: tuuid Value: 03527ce2-1c6d-49c6-b814-8766b2c69726
.rubiconproject.com/	1970-01-21 09:47:41	Name: khaos_p Value: M3JKI5SH-D-8OF1
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: FCNEC Value: %5B%5B%22AKsRol9iroZzQRE2bmIU5XTNcLf781kMZR242kVPnTWMCDKDCdEbl1v4a9cK-HbXuoWHyOHEDUURldZdoIcfzfMUsi632TgkvmckFXxOoyiF43EnQUKwudsAvwe6tY88ff4UQPI_1YdWaeA9KmPXek-sK1EkTPi9iQ%3D%3D%22%5D%5D
.rubiconproject.com/	1970-01-21 03:11:41	Name: receive-cookie-deprecation Value: 1
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: _au_1d Value: AU1D-0100-001731725255-YQNUXSKF-F16K
.tapad.com/	1970-01-21 02:28:29	Name: TapAd_TS Value: 1731725254676
.tapad.com/	1970-01-21 02:28:29	Name: TapAd_DID Value: 885eeafb-df5d-41ac-9e27-427e45d6c75e
.tapad.com/	1970-01-21 02:28:29	Name: TapAd_3WAY_SYNCS Value:
.kueezrtb.com/	1970-01-21 01:02:06	Name: vdzj1_c4e756b7 Value: DvN147YL3t6CrwtC3JtTHs8UgZCLRcFB2EJEVYBayoGQw4iSk8RIFZ4QgRsLgVNV3NBQUFhH2hCBGkqB0YEJ0BAQidRKBIAYXgGF1R6ShVWbxF8RwA4egEWBnITFEJ3AX1AA2F6VU0Gd0VVWGEFeUNTaX0HQw8gQUFGcQJ9F1Y6LQtEV3RQW1Z1AH0VAWgtAUBVdxRFFXJRfUJUbnlRQlBhXlVCcAQrQgZqdABHBnRFQkxxAHlFUmB6UkIUb1BBR3RSf0wGYX1SFwB3QEBAdwt8EgQ8KgBWGmFEREMiBXsSA2gtUEICcUVDQHsFLExSOy4RWBR1QUAVdQN6RwY4LwVABHRGQ0x1VXJNB2huH1YAdRNBR3FVKRYEbH4ARgd0F0VCegF5Rg97YBFCACdFR0QnC3xGADp6UkVQe0YVEnJSL0IVdW4FR1IlFkVBcQZ%2BFgA4LlFEBCVDQkd1BnxWG3t6AEEAIUBFRSIDfxFRayoLQAciRUBNewtoWBVvfwAXAXUXQUN3BX9FAG4tUExQJxBOEXIRF1gVOiNGGkJhSEdYYVQuBEV7dkgJGmEBEgcwWiUaFWNuUEFUdERPFSUefhdVamFRQ1dxXxURcVBnRg5sfQsWAHJET0d7EWZWVDYiXRFVNxsYGgpXaE4Vb3sBQw97S0UXIQd9EFJsdVVNUnRGFERzETc%3D
.amazon-adsystem.com/	1970-01-21 06:28:58	Name: ad-id Value: A6p_lleSu0DTvsHJ5wHG75A
.amazon-adsystem.com/	1970-01-21 10:38:05	Name: ad-privacy Value: 0
.turn.com/	1970-01-21 05:21:17	Name: uid Value: 3284636752864110541
.linkedin.com/	1970-01-21 09:47:41	Name: bcookie Value: "v=2&e537006b-948e-4296-87de-3bae9263c718"
.linkedin.com/	1970-01-21 05:21:17	Name: li_gc Value: MTswOzE3MzE3MjUyNTQ7MjswMjGx6kxQEyu7i+9BwRwx07Qv4eQOPRnbmUrXTSE0YGFC1Q==
.linkedin.com/	1970-01-21 01:03:31	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3491:u=1:x=1:i=1731725254:t=1731811654:v=2:sig=AQGMWf3YVi0zKiWrRsdAZl8TD4fzoIHI"
.kueezrtb.com/	1970-01-21 01:45:17	Name: vdz_sync Value: b587d960-977d-f3ab-31a5-1544769f0b9a
.kueezrtb.com/	1970-01-21 01:02:06	Name: vdzj1_b52b53b1 Value: 37K14HKtbgCkR10V98tM2kEAxU3BTdDQ3QDY1Z%2BeRJXUHsKaglVNVwKQnt%2BFlReIlthBwV0FRpCe3sSVlVxD2AGBjJbWhJ%2Fc0BXBCFSalMSehsOR38qQlAFc1ozUgZiCw9AfHNCBF5zX2UTHHQPC0Mse0VWUHoIYQcCZAgPFykoFVpXIlxwHRJgCg8VfnoVUFMgXzQDUWdbD0IrfEEAUSVJfhMGZQ5ZQnl4TFFUc1xlBAhkCgtFLXJCA1FhR3AHA2FYDUx5c0UDBHVfYAYEYgEOEnsuElFFb0lkAgc3DwkSfHoVAVF3WWUFBG4PXkwtKRZAS2FdYQZRYAkIR3kqF1RTcVxmBQhgXwBNeHpWTkV1WGVQBTBbW0d7e0NVUntZYQIBMwAOTH5pWEBRcF5kUwJkCFlEfS4SUAF7X2NQB2EAAExqZ1ZUUSdcYgFUbg8KQyt9FVMBe18wVwE3XA5WZGlCUQMlD2AEAmMNWkMpKRZSVSVaZwIGYw8aWGp9R1EEdF03BwdiDw1Ff3wVAV8lDzAIVWcbZVhqKBsXCTdJaAEcdF5cBDppThkab0khVEMlUFcaanFWW1NxXDQGB24UDhIrcllWA3pTfwNSZQEVFnotRFJWJVwzAVFnGxRWKyQaDAIgHzteXh9dGk5qfUJXU3QINgQHMAsARyspRgNWJw5iB1NhG0U%3D
.id5-sync.com/	1970-01-21 03:11:41	Name: id5 Value: 14ad92de-208c-7e32-a76b-91bcea6058bb#1731725253545#5
.bidr.io/	1970-01-21 10:30:35	Name: bito Value: AAB1RE7OcBAAABbqkF6Nmg
.bidr.io/	1970-01-21 10:30:35	Name: bitoIsSecure Value: ok
.smaato.net/	1970-01-21 01:32:19	Name: SCM Value: 3bd3473c52
.smaato.net/	1970-01-21 01:32:19	Name: SCMaps Value: 3bd3473c52
.contextweb.com/	1970-01-21 09:40:29	Name: VP Value: part_APWzKlYu2NN5
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e0e2f06abdef7313
.id5-sync.com/	1970-01-21 01:02:05	Name: cf Value: gif
.id5-sync.com/	1970-01-21 01:02:05	Name: cip Value: 12
.id5-sync.com/	1970-01-21 01:02:05	Name: gdpr Value: 0\|
.lijit.com/	1970-01-21 09:47:41	Name: ljt_reader Value: JrJHAQZHcfRkksEmRpyqm8K5
.lijit.com/	1970-01-21 09:47:41	Name: _ljtrtb_80 Value: M3JKI5SH-D-8OF1
.go.sonobi.com/	1970-01-21 09:47:41	Name: __uis Value: 90296adb-064e-484c-958f-8b26acccb373
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85143\|ZzgHy
.id5-sync.com/	1970-01-21 03:11:41	Name: 3pi Value: 2#1731725254928#-346528007\|155#1731725255079#118608886
.id5-sync.com/	1970-01-21 01:02:05	Name: cnac Value: 5
.id5-sync.com/	1970-01-21 01:02:05	Name: car Value: 4
.ad.gt/	1970-01-21 09:47:41	Name: au_id Value: AU1D-0100-001731725255-YQNUXSKF-F16K
.ipredictive.com/	1970-01-21 09:47:41	Name: cu Value: 6c171b5e-11ba-4a28-8396-7e8f72912f01\|1731725255107
.zemanta.com/	1970-01-21 09:47:41	Name: zuid Value: eSTIqqyG53A0crcQTVAa
.admanmedia.com/	1970-01-21 01:22:13	Name: admtr Value: 2657b484-ee3c-46b4-ab0a-9d3cc563d2da
.admanmedia.com/	1970-01-21 01:22:13	Name: ac_r Value: CS63
.adform.net/	1970-01-21 01:45:17	Name: C Value: 1
.adform.net/	1970-01-21 02:28:29	Name: uid Value: 7753402044999910135
.adform.net/	1970-01-21 01:12:10	Name: TPC Value: 1731725255541
.bing.com/	1970-01-21 10:23:41	Name: MUID Value: 2005C8827EF66C1426AFDDBB7F7D6DFA
.creativecdn.com/	1970-01-21 09:47:41	Name: g Value: T6CPXR5tE6KagzTPo4de_1731725256124
.creativecdn.com/	1970-01-21 09:47:41	Name: ts Value: 1731725256
.criteo.com/	1970-01-21 10:23:41	Name: cto_bundle Value: J-32Xl9nU2gwZXVZVURUS1BRY2xjQ0l6aHIzeTZ0cHNlbHVJaEpRRWNqRnFwZmRvcDdCSko2MmlIc3R1bXZkV3lhZkx4c094aEVrRkRSU0U4elV4YldPc2FHQW90QkdtTyUyRkpHejNia2k2Smx2NzhtNjZCU2xIZjJqJTJGclhMeFdwU2FtQWJuWWxkdkNNTmZVenpmaWVuTlVXN2xHS1RFMW9VWjVsenRwSDdBZWNhVWU4JTNE
.desenhopracolorir.com.br/	1970-01-21 10:23:44	Name: cto_bundle Value: 4zsR6F91ZjdJQmdMdDN5RDkwVWJMUk5hYjVqQiUyRkVXNTY2UmYlMkJLMlM2QVE5Ulc1SldkdWolMkJwOWxCWnc2aDlyOUJOam1YQkUyTnBOV0ZaWFhDNE9WWFZLekIlMkJVdGpuWSUyQnJseHdTYkV3RkJSWHhwU1hBYnlLWHRJaENoUHlWT25pSU4wSWo4SmxlQURwZG14ODBma2R0RVlqZjlUVlNGViUyQklEUFFhMmJWWSUyQjlYbkx2MCUzRA
.desenhopracolorir.com.br/	1970-01-21 10:23:44	Name: cto_bidid Value: wfstJV80ZERITUhKQyUyQjJzY2Y1TzVEQnFnbGpqTHpmbGhOZVlOZkdCQzFCa2FabVlSU2w4NDV3WHlqc0dzRTV6c2xhd0FDJTJGNUh6cmhndlVKOWFyZzJoYTB5TlVoUlFySjROZ0lpZFlhVkRFaEZFelpBMjhJb1FQdFIxRThrWFRnS1l5bm0
us.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-11-16T02%3A47%3A36%22%7D
us.desenhopracolorir.com.br/	1970-01-21 09:47:41	Name: unifiedid_cst Value: kSylLAssaw%3D%3D
.4dex.io/	1970-01-21 02:28:29	Name: uids Value: eyJzeW5jcyI6eyJlcGxhbm5pbmciOiIyMDI0LTExLTE2VDAyOjQ3OjM0LjA5ODM5MDU1M1oiLCJvbmV0YWciOiIyMDI0LTExLTE2VDAyOjQ3OjM0LjA5ODM4Njc1M1oiLCJydGJob3VzZSI6IjIwMjQtMTEtMTZUMDI6NDc6MzQuMDk4Mzg4MzgzWiIsInJ1Ymljb24iOiIyMDI0LTExLTE2VDAyOjQ3OjM0LjA5ODM3ODM5M1oifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiYjQ1NTNhMjQtYmI4MC00NjJjLTg1YzItMDBkZmU3YzM0YzI1IiwiZXhwaXJlcyI6IjIwMjUtMDEtMTVUMDI6NDc6MzQuMDg5MDE0MjczWiJ9LCJlcGxhbm5pbmciOnsidWlkIjoiQUV5WE1Pa3dDakN2MHotRCIsImV4cGlyZXMiOiIyMDI1LTAxLTE1VDAyOjQ3OjM3LjE5NzY1NzczOFoifSwicnRiaG91c2UiOnsidWlkIjoiZFctaXlZX0NrbnpaVmstTzRRUmpUV3hiaTlMUGV2TVlOdFFobUs4dGx6RSIsImV4cGlyZXMiOiIyMDI1LTAxLTE1VDAyOjQ3OjM2LjE4NjkxNDkzOVoifSwicnViaWNvbiI6eyJ1aWQiOiJNM0pLSTVTSC1ELThPRjEiLCJleHBpcmVzIjoiMjAyNS0wMS0xNVQwMjo0NzozNC42NDM4ODI1NzZaIn19LCJiZGF5IjoiMjAyNC0xMS0xNlQwMjo0NzozNC4wODg5Mjc0MjNaIn0=
.admixer.net/	1970-01-21 03:11:41	Name: am-uid Value: a048149b8f344cd2b677866f789c9ff0
.ads.pubmatic.com/	1970-01-21 01:03:31	Name: KCCH Value: YES
.company-target.com/	1970-01-21 10:38:05	Name: tuuid Value: 6590c1a7-78fa-4b92-8c83-6d1077bb3c84
.company-target.com/	1970-01-21 10:38:05	Name: tuuid_lu Value: 1731725257\|eqx:0
.smartadserver.com/	1970-01-21 10:30:53	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:11:41	Name: pid Value: 6313508127985813490
.pxl.iqm.com/	1970-01-21 01:45:17	Name: equativ Value: MTczMjkzNDg1NzQzMw==
.pxl.iqm.com/	1970-01-21 01:23:41	Name: iqm.retarget.uid Value: f06a1181-84c5-44de-b463-1d84d505374c
.smartadserver.com/	1970-01-21 03:11:41	Name: csync Value: 79:2178b37f-9e4f-459c-861f-f5f369087bda\|152:6590c1a7-78fa-4b92-8c83-6d1077bb3c84
.blismedia.com/	1970-01-21 09:47:45	Name: b Value: 673807C98D0B45C628276E14BLIS
.3lift.com/	1970-01-21 03:11:41	Name: tluidp Value: 3314261299151229628879
.openx.net/	1970-01-21 01:23:41	Name: pd Value: v2\|1731725257\|gin0vNvQiygu
us.desenhopracolorir.com.br/	1970-01-21 10:23:41	Name: cto_bundle Value: JVzeEV9oREZJbllpcm5PaVclMkZTVzRIbk5TeVVNWWV6a0dkM2Nrd0ZYSWZMV1ZWOFpjYlFiazRlTlZDbVI0cDZyNDA2TE1McUpJV0JDMzlsYmtISjB2M3BUVFg0SlRSUkQlMkJzWGNGQldjVFVoQVlHRlBLUGFrcDA2czVOJTJCODVwY2VVQUVrb3FFS0Nra1dXNll0OThQanFkQU1DQnJXTiUyRllUWGZHNGxhOW9qZDZTZ2lZWSUzRA
.bidswitch.net/	1970-01-21 09:47:41	Name: tuuid Value: 700d98b1-f80e-4bfa-94a9-162845724717
.bidswitch.net/	1970-01-21 09:47:41	Name: c Value: 1731725258
.bidswitch.net/	1970-01-21 09:47:41	Name: tuuid_lu Value: 1731725258
.c.bing.com/	1970-01-21 01:12:10	Name: MR Value: 0
.rubiconproject.com/	1970-01-21 09:47:41	Name: audit_p Value: 1\|naVuGyos1qq1SXTnxY3S4TRcoWsoQQjrvFkGOAEdaPPvPYObkLxRv0Yql6dt5qgx/oh/9Blh1t/slsCDzt78fCCI33SoFvfUdAcWCncDMSvFw3rvxbkKKL07/Pdk6Ljz
.rubiconproject.com/	1970-01-21 09:47:41	Name: audit Value: 1\|naVuGyos1qq1SXTnxY3S4TRcoWsoQQjrvFkGOAEdaPPvPYObkLxRv0Yql6dt5qgx/oh/9Blh1t/slsCDzt78fCCI33SoFvfUdAcWCncDMSvFw3rvxbkKKL07/Pdk6Ljz
sync.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id Value: s%3A0-6d9830c4-40ab-55cc-4b3d-2ebe624561cd.f4hZX6LPWLRa8k4UvfAz0mQ6iFMHApKsroD4ZoD5jvQ
.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id Value: s%3A0-6d9830c4-40ab-55cc-4b3d-2ebe624561cd.f4hZX6LPWLRa8k4UvfAz0mQ6iFMHApKsroD4ZoD5jvQ
sync.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id-v2 Value: s%3AbZgwxECrVcxLPS6-YkVhzbBDUR4.4ghBIMjkYQt%2FsBXTPBYcEKyKpqQH7Ak8Bo5FObHblgI
.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id-v2 Value: s%3AbZgwxECrVcxLPS6-YkVhzbBDUR4.4ghBIMjkYQt%2FsBXTPBYcEKyKpqQH7Ak8Bo5FObHblgI
sync.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id-v3 Value: s%3AAQAKICWShvAvSYItAqMiigh9lRPUnzuSJLyGn0lnxX9t3zoAEGcYBCDKj-C5BjABOgRntaa9QgTFiC3w.KzDVek8NuOs%2F4x%2FIF8gtYazWyGEVTszyTnNACZHNyAI
.srv.stackadapt.com/	1970-01-21 09:47:41	Name: sa-user-id-v3 Value: s%3AAQAKICWShvAvSYItAqMiigh9lRPUnzuSJLyGn0lnxX9t3zoAEGcYBCDKj-C5BjABOgRntaa9QgTFiC3w.KzDVek8NuOs%2F4x%2FIF8gtYazWyGEVTszyTnNACZHNyAI
.smilewanted.com/	1970-01-21 09:48:02	Name: sw_user_params_infos Value: HUrSkHWZeNhxldpa6waoK8JGZ7dwSSC71aCj70vfZKLPySAs8rauHK02YwjhKfLLNwEglW2EB9ZVUJhHiPlKOKaaSRQ2M3S4fvp%2F4839bW7%2F%2FSJQzu%2B3FxDUcW2mH3VakyarLhxt0zCWdEIfhYpYv%2F4j8jsfLVwg0PPCny42oVB4moHtIjMb%2B7F3XqgABmxUX4sB4lEoLUmfGz0BhvMXvmy5rW%2FD0fuj%2Fd38yx3G7TZPHytJxdrDiSU%2BKBKvNyJXzVEp6Rf%2BckaAqNB5l54GvXDj5pTOtpF5OHNAG7nHYMIK2qmct7Rt5Iy1Hww6tuNnCf8gJRKVLODCbqVxTJPYaA%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.themoneytizer.com
ads.us.e-planning.net
adsdk.microsoft.com
adtrack.adleadevent.com
b1h.zemanta.com
bcp.crwdcntrl.net
bid.sparteo.com
bis6.vidazoo.com
bisrtb.cootlogix.com
boot.pbstck.com
btlr.sharethrough.com
c.4dex.io
c.amazon-adsystem.com
c0a0221d4b3d1b2a46a475e7d7020994.safeframe.googlesyndication.com
cadmus.script.ac
cdn-ima.33across.com
cdn.adnxs-simple.com
cdn.adnxs.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.pbstck.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn.themoneytizer.fr
ced.sascdn.com
cm.g.doubleclick.net
cmp.inmobi.com
cms.quantserve.com
config.aps.amazon-adsystem.com
creativecdn.com
csync.smilewanted.com
d.turn.com
dis.criteo.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
euw-ice.360yield.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
fra1-ib.adnxs.com
fundingchoicesmessages.google.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid-bidder.criteo.com
gtrack.kueezrtb.com
gtrack.kueezssp.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids4.ad.gt
image2.pubmatic.com
intake.pbstck.com
inv-nets.admixer.net
invstatic101.creativecdn.com
kvt.sddan.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
metrics.biddertmz.com
moderate.cleantalk.org
moderate9-v4.cleantalk.org
moneytizer-d.openx.net
mp.4dex.io
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
otrack.kueezrtb.com
otrack.kueezssp.com
p.ad.gt
p.cpx.to
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
psb.taboola.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s1.adform.net
script.4dex.io
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.wp.pl
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
static.hotjar.com
static.kueezrtb.com
static.vidazoo.com
sync.go.sonobi.com
sync.kueezrtb.com
sync.sparteo.com
tags.crwdcntrl.net
td.doubleclick.net
tlx.3lift.com
tmzr.themoneytizer.fr
token.rubiconproject.com
tr.blismedia.com
track.adform.net
track.kueezrtb.com
track.kueezssp.com
trc-events.taboola.com
trc.taboola.com
u-ams03.e-planning.net
u.4dex.io
u.openx.net
us.desenhopracolorir.com.br
vc.hotjar.io
widget.us.criteo.com
ww1097.smartadserver.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
ep1.adtrafficquality.google
u-ams03.e-planning.net
104.16.80.73
104.18.23.145
104.18.28.101
104.18.30.80
104.18.31.80
104.22.1.93
104.22.30.209
104.22.34.123
104.22.4.69
104.22.5.69
104.22.53.173
104.22.62.227
104.22.70.197
104.22.71.197
104.26.1.77
104.26.9.169
108.138.6.136
108.138.8.164
116.202.167.155
13.107.246.45
141.226.228.48
142.250.181.225
142.250.185.162
142.250.186.161
142.250.186.162
142.250.186.174
142.250.186.34
142.250.186.72
143.244.162.144
15.197.193.217
151.101.1.44
151.101.129.108
151.101.129.229
157.230.176.78
162.19.138.117
162.19.138.120
163.5.194.37
172.217.16.206
172.217.18.2
172.217.18.4
172.64.153.78
172.64.154.78
172.67.21.232
172.67.23.234
172.67.25.151
172.67.38.106
172.67.71.58
178.250.1.11
178.250.1.3
178.250.1.4
178.250.1.57
178.250.1.9
18.156.199.224
18.195.234.25
18.66.102.53
18.66.102.57
18.66.112.19
18.66.147.27
184.30.211.26
184.30.22.30
185.184.8.90
185.64.191.210
185.89.210.20
188.114.97.3
193.3.178.3
193.3.178.4
198.199.71.70
198.199.89.209
2.23.209.187
212.77.99.29
216.58.206.34
23.32.238.154
23.56.202.187
3.124.64.248
3.160.150.117
3.160.150.38
34.102.146.192
34.111.113.62
34.120.135.53
34.149.40.38
34.242.55.213
34.248.22.168
34.251.239.3
34.96.105.8
34.96.70.87
34.98.64.218
35.214.136.108
35.227.252.103
35.241.34.106
35.244.159.8
35.244.193.51
35.82.75.134
37.157.2.228
37.157.4.21
37.252.173.215
46.228.164.13
5.196.111.64
51.158.29.13
51.81.55.251
51.89.9.253
52.16.53.198
52.16.54.39
52.16.63.113
52.222.236.122
54.194.120.205
54.239.38.253
54.76.15.180
63.32.172.26
64.74.236.127
65.9.66.73
65.9.66.97
69.166.1.35
69.173.144.138
69.173.156.139
74.119.117.16
76.223.111.18
88.198.153.60
89.149.193.101
91.228.74.166
95.101.27.200
98.82.157.137
99.86.3.54
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
01c42d43a307933ea6279e4537f5d8a1b85545e5d2c67f920a8367afa2b3aee7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c39e640d97c0a72c193e3feafcb353f92abd0fc367754175e7f258103df577
07615b49d861c736c7e81e551e2043bda308d20edf7517f24280283c9ab3bbf6
07a4a4bc0285ac7d52eba2197f763fde7c14c478c5369da1f489b0d09f3c72fb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1074eddbd49df21926fc2b87285335041c39fdf46fd79af8c91fb8b4864d9328
114b3f4b60c4f118cadbe967416f0099fd19980a1eb8cc9bfce9b20f535c0927
15742d91582a251489797ddc2fcea94e340b96ebe06483c5d6f90560b6277220
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77
1de960e06c174b1fe4e3468e82c837837bcff542a5600369f68e45108fc7e954
1e38954a3882d6c3b96e4c9e361ecac23188952295495ea98f1079a207122ace
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
2078b1fc26057bd40c39f4e55df28c39979d4ee64688a971dcdc2b8516827b5a
27a421e970d60f97ebb773d2b712945167884d4a9a6277f4df9e6fba29a5fb93
27caf50d7ac8b8bb05270836fe93a814e0ca141fc57d77c58b33f5d2a92a60ca
290bbd18a349c2e75f3373e908f1278badd127fc9f3f86f66e7b164cdfa8f2bf
29de0bad732affd5d6a152fae1867154c5e684e76f7a8ee93e33f23e39019091
2a0f2305c29046008bcf792218eaa73aa7e2920cdd72ac20a77487c26d9711e8
2dd1b4e7e2c6ebfd815d4cdf497a829b83e9d30089e9f2cc35830594b78ffd39
2ec58cb4a348452b2adb64330901dc3ed98b3bf4f049f7e3e1f88f9256d9434c
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e
36daec817dc84c0b3eeb39e4c17d59624121ac83fd8461ff547a696ee3ce08d3
36f333abdf93dad492e0f06e970c3e0a581c28d4f9aa04c11e13fa4d94dbbf6f
37229acb67f87ce4eba0b005f8270fca4e20b191cb9a20fcea466b52938d33a8
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ba9de84337ba208fdafeb484461b6bf4dbbef80edf27f7aceb44ebcba1a7518
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5
3f1d61a3fa9939e5df260d43c411893e3b5332f77e881a006382a3a4272eac07
3f8d19ce76637d8cd9e6eadf9274ffec7771753da2204dbb39a416f8318350b4
40e4ed9778159429d6bb78be591a90b5b79554e97a2c3c232350fb2365d83b69
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44262dcb1808a0e5e0d3534a1f0a9ee69d367876ed42f4e4b03da809225b90c2
44f4be72ab12fea81129e2a271d2355673c70f120c149bcf07b75505e66268d3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b5f3353b939f33fe6253326e0d4e1ab8067e2d1ccb762ff314cb544f35b8631
4d89b0d01962d3ac3be300b053b3b61043f576879ec47e0624679aba06b3f2c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
509610981376c29dd498582bf2c3ebd432b2212fe1d011a0623955cc3f1bf785
513d3e865a9976b6d9d208422ff3251206c1c06dc00d1fa188ec4c359b28e5cb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
540d02fea266dd50f591551a0eef3b23b95e7eb55d4d20504c43476a1c96459d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55c40122142b9f808329f491cdb14348a4d5fd223e22f6f9505fed26d796b541
55e0debffbecd2ab5fc5e4840b6b83f7878c82cb8ae71ee68088d738e82e250a
56ec598b83b6346e83ece33871fbeca5303d44ded56350440a9ece2fd49bfc8b
594fccc2d7fb74c0ff01414fb565ffdbbbaa8203e43c3e7a568e05c9a8927429
59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916
5d41fc89d8e639f9f494b47f95f5b15a9c702a2c540bfea6676552f0fc837816
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
6352c8794d89d858481a7925b3bc09af4654071346d6db5e2501a37249f16ea7
660de9ff36492eac770bb95d16726a7ca0764bd93bbee421c097b21d6cf73735
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68473113e3c97b3448acce1b980410fc237b2df36266ae6481f41cad00dd3df3
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6ca96d63988de0f24120559ca6fd43543b198e491de6f2dd3c9a9d17d971dca8
7f88879c607670c2f73802780fc2e5a196a9cbfbb10c4b43114be9e13a60bfec
800613f83dd6a86ce650b60b405feae9f73ff74c9c535360585461e00bf5338f
80eb607e673d011e040d3c7077f1698570746bbdd9e3753ec918562e7f010dc0
82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
8526f98af1db69fcff58c83e8a75d0bf424b7267800f1c8d0bb4e47aac63eb9c
856229b47d8a29dd99474b72c161622127b3cffaec36aa2dda4b10799888ceac
894ea5ddd71b0df4e8c7df3456c7dd9674fc13612e4d14a1c7827d8f6959dfa7
8950a821c247f5553c9d19215a280aeba5d9bb86fa0a8d78dcf597b8f3047707
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cb1c0081c560e811765bac08902828ffbf1badcfd210a95bedf6bcf9d5fd7a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92270a103910feb4bb869c257b300435aa0328e2ba51236446c124d685cd3e0b
92fdf7f7dec4f9790db7e9f1e1819f88dd5dd30dfe147c3c625716eb584fd6f1
9311180b7ea247256e57001cb7eb0ff54a9f203c6018e36087cd6ffb59f888d2
948b85b5a5a67cc3b7e6cfa5a31001ef74e3ccc909e3a4f087f63bf3d2b0de9a
94f19bf6572165a0a9ca7d01eee7587be5c80146c0358a498334ee3bf193b43e
986bc5a8c49a630ef1ebe2e6241be227aeb7bdc2d88ca6ec3465afa44824f3b0
99ac714e1069dd603be814ee92a5bfd8d42810a638471e7934c6e18a06cb7175
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9cd9e0db487bfe6128582f019ee08bc2a49de8019437b6f09535cd32955b7c03
9e328d990cde840b91432a433655ad836b2964d02da804ee0027f6ea15d39357
a1292f92246ebb41eca236860c3438576a105276352894ffc4016149020c4c92
a1ef4f33ffddad22e458e450c66eac8a92e36b7707e9826608c27cb17bfe7f6f
a304c48e151558af981854ec70650fa7fc8c8e669210823f8466455f525130a3
a36c973875384455167daf64b8fc4c5b97eb83ec74bcdf533e4eb5290baa9538
a64d2a4a7bdb66bc621e73b98cfd71a5c412dcc5c99e74a28eca64cc58dbd5ce
a6fc9f53de0a4d3546b8ae8510e62b303cbe56ddd30217858dac8c9e9ca5ff37
a791f97d9f7aab959f5f6a9fd097bd4039b7c998bed18054be3e0455dfada921
a98b6f6f3d579405df2144f16c7fb5ee5a159034d2ca884b826f15e87acd9d57
aa8d9d0611ffdb0ef97c8406d1e76ea1bd26d23ef374a0b83b37db762a77a0fb
aad2cb210735c68bd0935295777f0146f417bd089be75d9ac37fd467f3b6098d
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45
abcd54edb9ddb60008817b9e837daf6a3c4c4ba46463ffd75f9330594d40535e
acdc7696b4cc15aa8f3394a324bf57e7b9dcbf75816b90073a568501fc22452c
adbd560ca3517b2046d70dc6bbc3a35a4bc1e5d9cba8f71aad4f6becf4ff6bd4
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b14b1ab75909c4de6bce90fc601a490f5e7f0ca288f808a41fac7cf4ebabfdeb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b63252dc1d6eb6dd1ec1b461419b1919093d7f69d9074ef7a51f4f243019147d
b8131c7a064bf2576af12a7ec57ce1d429443024756fe64460a172d3256b4c38
bb5d341d00ee38f1c997d1c0f2955ec10a5280ceb4a64be18ba67f3f98a6718c
bd2e3e179ebca8c6291623d3a6375c8452a603ef3e9c5775066cab914dd512eb
c12b6511c47cdeca6bef0fe2d4d12467729955fbead8dd00cd18f714d4b9ec90
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c1b7c704c828ca494c94ca9c978994cbaea107ceed006f3bf0b3b5f71d902cc4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c31254da2ad54748765a19d5692b27bafe5de49e5d766d7f9a46509c4c62ef84
c42b014fd5dbebc651cf8c7ea7bdf76370de80c956f83c3f5f377cc4a47d4c0a
c6ed3c61f2cbf6b793c72e4173c8cf582a7c4ffd6ed7c989b0b92f442959552a
ca6da7ab0791d17b6c746f5331e20435fb2566e3950bc85d67b2e9295132fdb4
cab50a02b3fc9b3bb324095d6424604e78dcd80ccac6a0ac4e78fc014dacc39e
cb0fc3700ca8420ec1e80fb1781357ade7bf4eef92d7d1f119c510e0b61cad85
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd43d3bd3b997bc217284091f0a3c3277390dd116138876b260a27d650b4dfd8
cec584e40e717d0a3faa43400df93d252738bc3c3805137ee2145a7fe3e2a382
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d285fa4847f78f9986d602be8fd08276e03318da733087c984235c47260b0d6c
d49a7138859ecb5c118ff01f6162b301a153332045bd6bc397f1123e8a38ef19
d9c96015a633d51add7b91b455e8397620e77ee66996acef8c00060b012ff207
da77f67aaa0f8941d015f153a11b85d056eb1624dfc4ff88f7552d335dfd4a8f
dcbb405d0bd321bbf62a29da6a2055344deb45afaab97a56e5c9db80d106cf99
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb
e1c33b75a5f14be85e09bc910b506edf2dccc1052b85ced0405fa6b7f3481a96
e35121a2b55aa9b50e1b68534f06fd8f5f80352c3c166fdcb7cd8de94c728c71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59e428663d7e4e4fa52026631b038ec0cd2ffb34846e9a1ed3418b8dcb4a4d6
e6891b9821bd5d36835e7fb9b8713e2e0d4347ed562e3c6b0d1364f79db8ba42
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e771f03016475cfaf60f03d8f7b402058fb8f08824d775cc7ecb0228e58eb457
e8698a042d483af4b78f7b81eb6a2076537496d7cc3b3759960817e48be3ec1a
eb54bb4f86551b9a6cbee477777912d7f6cb8f12469bbf2423c29e1cb40deb9f
eb7b3428730302896944fa44348bd248de8eb53f01838e4b4f11b31a30cbc2e5
edb6c7358824cfc0cb6ebb6cc13224599ef3a4cb5ee44cc06367517c7b101e87
edb7d3d2ddbb1c891b3b8a41d16bcea188a50b81e3519120d15c3dd6cae595be
edd9677032b50272c7d0256d2bfffc266960424ea37b2018e08409b63595ffcd
ee70c65b470fd058490aac2cfab543a6d465af9800f220ab1eaec11ddcf676ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef21b3a4e9cb3a617bb52016555bdc4ecc3353f58783380c3e2d655e912b7270
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f113cf8f6cfc63c1af1888b868af97a54c76765aeb02f988e0d12e7f88032d4e
f239133f60f8d6b128425c23305e66f28860229ce96ec2381e0a897560280e81
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089
fac80ac162de4d9a13996f2ad55ae6b2e21287010a247e6c7d9dd1857a83331e
faf6d6eadfda9ece1e218645609ae919f4192ed0a875519255e0af8bb8c61208
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
ff1def3c7229ace2c1b93090fa56158b014521855e32768eceb3f0e2c52a53d6
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff6327a3527d8a63605c7967e0a2339bb09b3902b1864bb05543d097bcc95c5d

us.desenhopracolorir.com.br Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

307 Requests

93 %HTTPS

0 %IPv6

74 Domains

143 Subdomains

112 IPs

9 Countries

3000 kBTransfer

8255 kBSize

120 Cookies

5 Outgoing links

Page URL History

Redirected requests

307 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.desenhopracolorir.com.br Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

307
Requests

93 %
HTTPS

0 %
IPv6

74
Domains

143
Subdomains

112
IPs

9
Countries

3000 kB
Transfer

8255 kB
Size

120
Cookies

307 HTTP transactions
2 data transactions