template.mapadapalavra.ba.gov.br Open in urlscan Pro
154.38.174.3  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request military-powerpoint-templates.html Show response template.mapadapalavra.ba.gov.br/en/	29 KB 5 KB	700ms 151ms	Document text/html	154.38.174.3 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.38.174.3 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi1534016.contaboserver.net Software Apache / Resource Hash 4cadea2e0161b32a84edf54cdb8395fcb73c212bd99f15c48750a6f918ed11a7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 4976 content-type text/html date Wed, 23 Oct 2024 18:53:26 GMT etag "74c5-6096df45bb500-gzip" last-modified Sun, 05 Nov 2023 20:55:16 GMT server Apache vary Accept-Encoding
GET H3	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	242ms 75ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "269550530cc127b6aa5a35925a7de6ce" age 1249 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 18:53:26 GMT last-modified Mon, 25 Jan 2021 22:04:55 GMT content-type text/css; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 09/26/2024 11:08:39 cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 57a513b031fd067713652bdf3654e97f cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.04 cf-ray 8d73ee0f5cc2918e-FRA access-control-allow-origin * cdn-edgestorageid 1109 server cloudflare cdn-requestcountrycode US
GET H2	200	head.js Show response xss.my.id/theme/eventify/	174 B 300 B	696ms 117ms	Script text/javascript	167.172.148.114 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://xss.my.id/theme/eventify/head.js Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 5cde2fe78c8ec960284bab2e1fee07547b2eee84b4993ccc555e4c179dd14ad8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "ae-604fb543f4940-gzip" accept-ranges bytes content-length 160 date Wed, 23 Oct 2024 18:53:26 GMT last-modified Sun, 10 Sep 2023 06:29:17 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	global-icon.png icons.iconarchive.com/icons/graphicloads/seo-services/128/	3 KB 3 KB	277ms 150ms	Image image/png	2606:4700:3038::6815:ebd5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://icons.iconarchive.com/icons/graphicloads/seo-services/128/global-icon.png Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0adcfc955046be680bf327508ee5009c6683b8b0e26537dd50d273e3b9c3818 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-cache-status HIT etag "63e22404-a47" age 6026 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMqRyV9cKmMt1K%2BPHVmi3tYYRScsXMb3IfA5eWdHU9uWV57eBqo8dbjPkSwKtk7s%2B%2FToVHfijf7A%2FjEKZT7H061%2BgbqdKAAgDCcOtDQiaFKUxbI1hs93SMkkw8LwxOebgk%2B9r3ZqLrw%2B4tml1R%2FQhPJ44oU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=28260&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3949&recv_bytes=2238&delivery_rate=124983&cwnd=252&unsent_bytes=0&cid=b18a4a7d13f3d33a&ts=53&x=0" date Wed, 23 Oct 2024 18:53:26 GMT content-type image/png last-modified Tue, 07 Feb 2023 10:12:20 GMT vary Accept-Encoding cache-control max-age=5356800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d73ee1379373a61-FRA accept-ranges bytes content-length 2631 server cloudflare
GET H2	200	plusone.js Show response apis.google.com/js/	63 KB 24 KB	275ms 83ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 720bfd0e4c9fa07000f799f3cd1793e46f9acbe0d33617b9dda71fe7f2d84cb3 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "d8de4c85c679c6d0" report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} x-content-type-options nosniff expires Wed, 23 Oct 2024 18:53:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 18:53:26 GMT content-type text/javascript vary Accept-Encoding content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cache-control private, max-age=1800, stale-while-revalidate=1800 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="gapi-team" cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 24185 x-xss-protection 0 server sffe
GET H2	200	body.js Show response xss.my.id/theme/batman/	486 B 366 B	694ms 118ms	Script text/javascript	167.172.148.114 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://xss.my.id/theme/batman/body.js Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 922a33ee8abbaf3bfa552f12cc681297dea93fa5167337397c97e855c0de0978 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "1e6-61ede8bcaeeed-gzip" accept-ranges bytes content-length 291 date Wed, 23 Oct 2024 18:53:26 GMT last-modified Sun, 04 Aug 2024 17:03:57 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	headcode.js Show response xss.my.id/theme/eventify/	2 KB 859 B	121ms 121ms	Script text/javascript	167.172.148.114 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://xss.my.id/theme/eventify/headcode.js?v=8814 Requested by Host: xss.my.id URL: https://xss.my.id/theme/eventify/head.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash eff4699d91a2b392f01f6056d7984494020742966432545c4fbf4060b4655c03 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "6a5-615755124ff40-gzip" accept-ranges bytes content-length 782 date Wed, 23 Oct 2024 18:53:26 GMT last-modified Sat, 06 Apr 2024 22:44:37 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	317 KB 106 KB	301ms 56ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7 Requested by Host: xss.my.id URL: https://xss.my.id/theme/eventify/headcode.js?v=8814 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9047cbe737567cc26a441be455580f3c012bf407962ca3200e7c66e39025ebc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 23 Oct 2024 18:53:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 18:53:27 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 107662 x-xss-protection 0 server Google Tag Manager
GET H3	200	counter.js Show response www.statcounter.com/counter/	35 KB 13 KB	563ms 378ms	Script application/javascript	104.20.95.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.statcounter.com/counter/counter.js Requested by Host: xss.my.id URL: https://xss.my.id/theme/eventify/headcode.js?v=8814 Protocol H3 Security QUIC, , AES_128_GCM Server 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip cf-cache-status HIT etag W/"67192443-8a75" age 4365 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rih%2BFunWCDm%2BUXbVzPMYkt0MNW3Qc65i%2Fu%2F%2FXCOfjGCU0nnU26B77JIgZbY6lMlacZK6UDig3E%2FHT5FyiofaAHpJWkyVOASqQpeWDC%2BU9u2xU%2FBbEVlfGtj69HWCQuVnLLoGSssA"}],"group":"cf-nel","max_age":604800} expires Thu, 24 Oct 2024 05:40:42 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37649&sent=13&recv=10&lost=0&retrans=0&sent_bytes=6374&recv_bytes=4398&delivery_rate=11672&cwnd=12000&unsent_bytes=0&cid=a71097c207d36396&ts=378&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 23 Oct 2024 18:53:27 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 23 Oct 2024 16:28:51 GMT priority u=3,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d73ee168bc76955-FRA server cloudflare
GET H2	200	style.css xss.my.id/theme/eventify/	77 KB 11 KB	159ms 159ms	Stylesheet text/css	167.172.148.114 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://xss.my.id/theme/eventify/style.css Requested by Host: xss.my.id URL: https://xss.my.id/theme/eventify/headcode.js?v=8814 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 7ab657e99251555499b33e5cbfab26ff3ee2ed96a487a643fc207241e48122e9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "135ff-604d37dd53800-gzip" accept-ranges bytes content-length 11060 date Wed, 23 Oct 2024 18:53:26 GMT last-modified Fri, 08 Sep 2023 06:57:36 GMT vary Accept-Encoding server Apache content-type text/css
GET H/1.1	200 OK	0.gif sstatic1.histats.com/	43 B 163 B	541ms 150ms	Image image/gif	54.39.156.32 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sstatic1.histats.com/0.gif?4270884&101 Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR), Reverse DNS ns562579.ip-54-39-156.net Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers Content-Length 43 Date Wed, 23 Oct 2024 18:53:27 GMT Content-Type image/gif Connection close
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.n5o4atTRbEk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo89LjB0PzAni2ztsziMpIuu6JMJSg/	155 KB 54 KB	59ms 31ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.n5o4atTRbEk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo89LjB0PzAni2ztsziMpIuu6JMJSg/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa27723b25e5dbcef35d0749609d9a5ea2e4738fa57443dd9e2e154dd7d118bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip age 93328 report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} x-content-type-options nosniff expires Wed, 22 Oct 2025 16:57:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 22 Oct 2024 16:57:59 GMT last-modified Thu, 10 Oct 2024 20:03:27 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access accept-ranges bytes access-control-allow-origin * content-length 54456 x-xss-protection 0 server sffe
GET H2	200	banner-loading.js Show response xss.my.id/ads/	298 B 332 B	160ms 134ms	Script text/javascript	167.172.148.114 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://xss.my.id/ads/banner-loading.js Requested by Host: xss.my.id URL: https://xss.my.id/theme/batman/body.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 17d896de76e12861acf4136e208e6015ceaf9ad2a0db8216073137e78440ca9e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://template.mapadapalavra.ba.gov.br/ Response headers content-encoding gzip etag "12a-61c7de4eb1a35-gzip" accept-ranges bytes content-length 233 date Wed, 23 Oct 2024 18:53:27 GMT last-modified Fri, 05 Jul 2024 10:54:57 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H3	200	fontawesome-webfont.woff2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/	75 KB 76 KB	105ms 101ms	Font font/woff2	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: stackpath.bootstrapcdn.com URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://template.mapadapalavra.ba.gov.br Referer https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Response headers cdn-status 200 cf-cache-status HIT etag "af7ae505a9eed503f8b8e6982036873e" age 1091561 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 18:53:27 GMT content-type font/woff2 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat 10/08/2024 00:08:47 cdn-cache HIT cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid fb77f826a16dd96881801659c7cd25f6 cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.04 cf-ray 8d73ee153ba265a6-FRA accept-ranges bytes access-control-allow-origin * content-length 77160 cdn-edgestorageid 1029 server cloudflare cdn-requestcountrycode US
GET H2	200	Free-Army-Powerpoint-Template-and-Google-Slides-Themes-1.jpg myfreeslides.com/wp-content/uploads/2019/11/	78 KB 79 KB	362ms 215ms	Image image/jpeg	192.0.78.249 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://myfreeslides.com/wp-content/uploads/2019/11/Free-Army-Powerpoint-Template-and-Google-Slides-Themes-1.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.249 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1f7925ad24b0d49d1aae0529bc5da7b87393dec3a4fe603bdd521e4e3619a3e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers strict-transport-security max-age=31536000 cache-control max-age=31536000 etag "6257e45a-138d6" access-control-allow-methods GET, HEAD expires Thu, 23 Oct 2025 18:53:27 GMT accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 80086 date Wed, 23 Oct 2024 18:53:27 GMT x-ac 2.hhn _atomic_ams MISS content-type image/jpeg last-modified Thu, 14 Apr 2022 09:07:38 GMT server nginx
GET H2	200	Military%2BPowerPoint%2BTemplate%2BPreview.jpg 1.bp.blogspot.com/-HIu2l0VnaU0/WcdsBJ7q2PI/AAAAAAAABxk/WMwWd-OP8C0zGUyUvc7ADitiCpznd4oFACLcBGAs/s1600/	80 KB 81 KB	444ms 291ms	Image image/jpeg	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-HIu2l0VnaU0/WcdsBJ7q2PI/AAAAAAAABxk/WMwWd-OP8C0zGUyUvc7ADitiCpznd4oFACLcBGAs/s1600/Military%2BPowerPoint%2BTemplate%2BPreview.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f47de65cd0240361fd139ef2941b5ac9ba32dba877fc6c29ed7bf610fa541adc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers access-control-expose-headers Content-Length timing-allow-origin * cache-control public, max-age=86400, no-transform etag "v71b" x-content-type-options nosniff expires Thu, 24 Oct 2024 18:53:27 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 82195 date Wed, 23 Oct 2024 18:53:27 GMT x-xss-protection 0 content-type image/jpeg vary Origin server fife content-disposition inline;filename="Military PowerPoint Template Preview.jpg"
GET H3	200	us-army-powerpoint-template.jpg cms-assets.tutsplus.com/uploads/users/151/posts/36248/image-upload/	102 KB 103 KB	376ms 301ms	Image image/jpeg	104.17.64.87 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cms-assets.tutsplus.com/uploads/users/151/posts/36248/image-upload/us-army-powerpoint-template.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.64.87 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4da1c50979b843504255dc5e64b165d0913b77ba09369cc9b0ae1615dd24c330 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-bgj h2pri etag "7b1c099c3cc0c9d017c1722c237a87e9" cf-cache-status MISS expires Thu, 23 Oct 2025 18:53:27 GMT alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 18:53:27 GMT content-type image/jpeg last-modified Thu, 17 Dec 2020 00:13:21 GMT vary Accept-Encoding x-amz-id-2 KrPRsXvQtinpGAXnhXClb6AWhH9dBBQ22qa+pzcj2oKtTHJflAGmol5lPaROWCa3qtKxD+fdiQc= cache-control public, max-age=31536000 cf-ray 8d73ee157d4c362a-FRA x-amz-request-id G7S52K3RJFMEFVE7 accept-ranges bytes content-length 104922 server cloudflare
GET H2	200	4150-01-generic-military-template-1.jpg cdn.slidemodel.com/wp-content/uploads/	93 KB 93 KB	184ms 38ms	Image image/webp	2600:9000:2165:e00:1b:322c:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.slidemodel.com/wp-content/uploads/4150-01-generic-military-template-1.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:e00:1b:322c:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software LiteSpeed / Resource Hash 819d1e942104a476bf8ea9259839774a6bee7ccfe9ce855acdbfaebd7b0605c8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers strict-transport-security max-age=31536000 cache-control public, max-age=31536000 age 3666933 via 1.1 419820c97f609bc6c7a0fe8ab9ac7158.cloudfront.net (CloudFront) expires Thu, 11 Sep 2025 08:17:54 GMT accept-ranges bytes alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront content-length 95170 x-amz-cf-id io8CC1Hh6jKPGElPa2cPAoFgrE84il9FD77Qwi9IvgvIrOfHDYE3EQ== date Wed, 11 Sep 2024 08:17:54 GMT content-type image/webp last-modified Wed, 26 Jun 2024 22:03:26 GMT server LiteSpeed x-amz-cf-pop MUC50-P6
GET H2	200	1919581-1593068062677_Slide1.JPG s3.tmimgcdn.com/templates/79954/scr/	153 KB 154 KB	926ms 444ms	Image image/webp	2606:4700:20::ac43:447c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3.tmimgcdn.com/templates/79954/scr/1919581-1593068062677_Slide1.JPG Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:447c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4b1bb4c39e3188f9a7351ec505a028c7a5dff37ada75ebca0a9f942192087a5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-bgj imgq:85,h2pri etag "1d89ef7c6a45f1e8d344d922c128966a" cf-cache-status REVALIDATED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2b%2BvXE%2B5XdWT8KmeT21Zv2GkA8cOkOSEETqeHyY%2FGoGzuFCtPy7Hx3CK8fc1hHX8klTcAac7MogpObPQNsO9oOVwwzNvew6jYTWp9RcLa1ApahqGarVSQKefcTuucKoUZrdShcALtc8bnk8fA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-polished qual=85, origFmt=jpeg, origSize=243584 date Wed, 23 Oct 2024 18:53:28 GMT content-type image/webp content-disposition inline; filename="1919581-1593068062677_Slide1.webp" vary Accept last-modified Thu, 25 Jun 2020 06:54:26 GMT x-amz-id-2 sclbUklQPjZrtiDzwoKbAJE1iqWL8ztxsHHbSNGzzOtTFsa3R5ftUjj5NoBLhzwSfKQOwrjh4f0= cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GCZE5W5X4SV246TS cf-ray 8d73ee180a73d9d3-FRA accept-ranges bytes content-length 156758 server cloudflare
GET H3	200	Special-Force-Hero-Image.jpg cms-assets.tutsplus.com/uploads/users/2273/posts/35186/image/	187 KB 187 KB	261ms 187ms	Image image/jpeg	104.17.64.87 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cms-assets.tutsplus.com/uploads/users/2273/posts/35186/image/Special-Force-Hero-Image.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.64.87 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 221c29e7e5407554d9820d565ceb84b43a64e36bc6051e49707e684ecd6e0ee3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-bgj h2pri etag "590d56223f64fab6985c1905630f4ea2" cf-cache-status HIT expires Thu, 23 Oct 2025 18:53:27 GMT alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 18:53:27 GMT content-type image/jpeg last-modified Sun, 24 May 2020 17:51:27 GMT vary Accept-Encoding x-amz-id-2 ajWHvR5NgjNNLQjsGZJ7NXHSa+IA94PixQKO/Ihp9WWYFYxjHM35OTHkIGJO+LeuOLnTgiK8yPo= cache-control public, max-age=31536000 cf-ray 8d73ee157d51362a-FRA x-amz-request-id 8NENXC3FEXFCR9TT accept-ranges bytes content-length 191116 server cloudflare
GET H2	200	4148-01-general-military-template-16x9-2.jpg cdn.slidemodel.com/wp-content/uploads/	58 KB 58 KB	312ms 166ms	Image image/webp	2600:9000:2165:e00:1b:322c:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.slidemodel.com/wp-content/uploads/4148-01-general-military-template-16x9-2.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:e00:1b:322c:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software LiteSpeed / Resource Hash 5cdd0e8ef40f7c3f7a9d6f45884572a79387392353243e53ffc065006b8605a8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers strict-transport-security max-age=31536000 cache-control public, max-age=31536000 age 2348012 via 1.1 419820c97f609bc6c7a0fe8ab9ac7158.cloudfront.net (CloudFront) expires Fri, 26 Sep 2025 14:39:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront content-length 59010 x-amz-cf-id M0TW4TkPRfEVW83F9HGSQn0zkHLLiVg9UbLSS41lARr6th6VjiC3CA== date Thu, 26 Sep 2024 14:39:55 GMT content-type image/webp last-modified Wed, 26 Jun 2024 21:34:23 GMT server LiteSpeed x-amz-cf-pop MUC50-P6
GET H3	200	05-MILITARY-PowerPoint-Template-Section.jpg images.presentationgo.com/2021/03/	38 KB 39 KB	934ms 829ms	Image image/jpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.presentationgo.com/2021/03/05-MILITARY-PowerPoint-Template-Section.jpg Requested by Host: template.mapadapalavra.ba.gov.br URL: https://template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2929281a4a5aba7e415cfdf866ebee7c1bf00d4bd48d2006cf5fbcbaa21a8037 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-cache-status MISS etag "46ea5b506474cff0a3273c8ac3ebdc8c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wexIBDipSvVS8g%2B6ixBgQ6Sr5T%2BPYuVhWvtu%2F2e0WA2g0hY8s6PiZaFYoKmi7C%2BP3KEYT%2BoqrGcSl6BibXwKxJgNdcU6OlsBTwNHvtikZEdccUEl3IEut1JTJdH6KVEi9%2FSWWNMwDk7nKBdY"}],"group":"cf-nel","max_age":604800} expires Thu, 30 Jun 2022 02:17:55 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=43177&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4488&delivery_rate=476&cwnd=12000&unsent_bytes=0&cid=f4f89d1c3517d8ec&ts=801&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 23 Oct 2024 18:53:28 GMT content-type image/jpeg last-modified Wed, 30 Jun 2021 02:17:56 GMT vary Accept-Encoding priority u=3,i x-amz-id-2 DFHGd5TYfPZA54lOd6nsXFHMa0emt127KEmumghfbKLWFotaVYm0UnRgEuvg9r+Fit+rmOV0fwg= cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Y039AFQ7S5SH5MTD cf-ray 8d73ee15acdc65a9-FRA accept-ranges bytes content-length 38704 server cloudflare
GET H/1.1	403 Forbidden	invoke.js modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/	0 0	445ms 117ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js Requested by Host: xss.my.id URL: https://xss.my.id/ads/banner-loading.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://template.mapadapalavra.ba.gov.br/ Response headers Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Connection keep-alive Access-Control-Allow-Origin * Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Date Wed, 23 Oct 2024 18:53:27 GMT Content-Type application/javascript Host modificationdesignate.com Server nginx/1.19.5
POST H2	204	collect region1.google-analytics.com/g/	0 0	180ms 64ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-S5MTG642M7&gtm=45je4ah0v9165285043za200&_p=1729709606941&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847&cid=888156313.1729709607&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729709607&sct=1&seg=0&dl=https%3A%2F%2Ftemplate.mapadapalavra.ba.gov.br%2Fen%2Fmilitary-powerpoint-templates.html&dt=Military%20Powerpoint%20Templates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2147 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://template.mapadapalavra.ba.gov.br cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 18:53:27 GMT content-type text/plain server Golfe2
GET H3	200	t.php Show response c.statcounter.com/	192 B 1 KB	226ms 204ms	XHR application/json	104.20.95.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=12561151&u1=D362518A908C4E5692C7798D18A21D91&java=1&security=46479202&sc_snum=1&sess=697241&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//template.mapadapalavra.ba.gov.br/en/military-powerpoint-templates.html&t=Military%20Powerpoint%20Templates&invisible=1&sc_rum_e_s=2225&sc_rum_e_e=2234&sc_rum_f_s=0&sc_rum_f_e=2160&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FaAqugzmZrI44%2B8PjjUf7mtoUA5ZOJFPux2wgsbcYd5p5vi3zWvEYg4Kk%2FThTt2voeL47KksNzoFyKsu6FrBtsayMnH31KIIeG7HbMBkkWjpzQIz0QaKeFs6T%2FH5nLiMNsTNQA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d73ee17dcf96955-FRA expires Mon, 26 Jul 1997 05:00:00 GMT access-control-allow-origin https://template.mapadapalavra.ba.gov.br alt-svc h3=":443"; ma=86400 p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" server-timing cfL4;desc="?proto=QUIC&rtt=49941&sent=26&recv=18&lost=0&retrans=0&sent_bytes=20213&recv_bytes=5325&delivery_rate=207191&cwnd=13200&unsent_bytes=0&cid=a71097c207d36396&ts=730&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 23 Oct 2024 18:53:27 GMT content-type application/json server cloudflare priority u=4,i
GET H2	200	global-icon.png icons.iconarchive.com/icons/graphicloads/seo-services/48/	2 KB 2 KB	39ms 38ms	Other image/png	2606:4700:3038::6815:ebd5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://icons.iconarchive.com/icons/graphicloads/seo-services/48/global-icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ebd5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26d33042231f60c7eb39095c283fdb44996e1824d24412c7e0994738e12c5345 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://template.mapadapalavra.ba.gov.br/ Response headers cf-cache-status HIT etag "63e22404-7d3" age 3454 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNkIbEW925jXu42If5cdc9dPWmwExNcFpZ40EZiWb3wExmEl0Uv4KzrgDGA66rc6cB7OIoix69%2BC1ILcuHE%2BB7Cg%2FETjbKXucIsgSGDMJrtiLeGw9Sh0l2%2BNSxq43cVbMQek4Vx5dOp1DoGmdMq%2B6eMc7VM%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=55673&sent=16&recv=15&lost=0&retrans=1&sent_bytes=7354&recv_bytes=2361&delivery_rate=124983&cwnd=253&unsent_bytes=0&cid=b18a4a7d13f3d33a&ts=1536&x=0" date Wed, 23 Oct 2024 18:53:28 GMT content-type image/png last-modified Tue, 07 Feb 2023 10:12:20 GMT vary Accept-Encoding cache-control max-age=5356800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d73ee1cbeb73a61-FRA accept-ranges bytes content-length 2003 server cloudflare

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| version function| gtag number| sc_project number| sc_invisible string| sc_security string| ars object| dataLayer object| gapi object| ___jsl object| year object| atOptions object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _statcounter object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mapadapalavra.ba.gov.br/	1970-01-21 10:04:29	Name: _ga_S5MTG642M7 Value: GS1.1.1729709607.1.0.1729709607.0.0.0
			.mapadapalavra.ba.gov.br/	1970-01-21 10:04:29	Name: _ga Value: GA1.1.888156313.1729709607
			.tutsplus.com/	1970-01-21 00:28:31	Name: __cf_bm Value: Se6uWJijPOkAVMzpKamAHvG.Hz5Q0rTnyuJNNw2qdtQ-1729709607-1.0.1.1-teljT5xSaT7uTGCUSs3GJk_ZSnDvozQvEe7W.e93v2LJKKj0_RGFxL19Txbzh1FkcLLWRK.T6mKYczdTEETHTw
			.template.mapadapalavra.ba.gov.br/	1970-01-21 10:04:29	Name: sc_is_visitor_unique Value: rx12561151.1729709608.D362518A908C4E5692C7798D18A21D91.1.1.1.1.1.1.1.1.1
			.statcounter.com/	1970-01-21 10:04:29	Name: is_unique Value: sc12561151.1729709607.0
			.statcounter.com/	1970-01-21 10:04:29	Name: is_visitor_unique Value: 1729709607427527779

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://xss.my.id/theme/eventify/head.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/eventify/headcode.js?v=8814, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/eventify/head.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/eventify/headcode.js?v=8814, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/body.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/body.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/ads/banner-loading.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/ads/banner-loading.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
apis.google.com
c.statcounter.com
cdn.slidemodel.com
cms-assets.tutsplus.com
icons.iconarchive.com
images.presentationgo.com
modificationdesignate.com
myfreeslides.com
region1.google-analytics.com
s3.tmimgcdn.com
sstatic1.histats.com
stackpath.bootstrapcdn.com
template.mapadapalavra.ba.gov.br
www.googletagmanager.com
www.statcounter.com
xss.my.id
104.17.64.87
104.18.10.207
104.20.95.138
154.38.174.3
167.172.148.114
188.114.97.3
192.0.78.249
192.243.59.13
2001:4860:4802:34::36
2600:9000:2165:e00:1b:322c:43c0:93a1
2606:4700:20::ac43:447c
2606:4700:3038::6815:ebd5
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:82f::2008
54.39.156.32
17d896de76e12861acf4136e208e6015ceaf9ad2a0db8216073137e78440ca9e
1f7925ad24b0d49d1aae0529bc5da7b87393dec3a4fe603bdd521e4e3619a3e4
221c29e7e5407554d9820d565ceb84b43a64e36bc6051e49707e684ecd6e0ee3
26d33042231f60c7eb39095c283fdb44996e1824d24412c7e0994738e12c5345
2929281a4a5aba7e415cfdf866ebee7c1bf00d4bd48d2006cf5fbcbaa21a8037
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4cadea2e0161b32a84edf54cdb8395fcb73c212bd99f15c48750a6f918ed11a7
4da1c50979b843504255dc5e64b165d0913b77ba09369cc9b0ae1615dd24c330
5cdd0e8ef40f7c3f7a9d6f45884572a79387392353243e53ffc065006b8605a8
5cde2fe78c8ec960284bab2e1fee07547b2eee84b4993ccc555e4c179dd14ad8
6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0
720bfd0e4c9fa07000f799f3cd1793e46f9acbe0d33617b9dda71fe7f2d84cb3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ab657e99251555499b33e5cbfab26ff3ee2ed96a487a643fc207241e48122e9
819d1e942104a476bf8ea9259839774a6bee7ccfe9ce855acdbfaebd7b0605c8
9047cbe737567cc26a441be455580f3c012bf407962ca3200e7c66e39025ebc7
922a33ee8abbaf3bfa552f12cc681297dea93fa5167337397c97e855c0de0978
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa27723b25e5dbcef35d0749609d9a5ea2e4738fa57443dd9e2e154dd7d118bc
e0adcfc955046be680bf327508ee5009c6683b8b0e26537dd50d273e3b9c3818
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eff4699d91a2b392f01f6056d7984494020742966432545c4fbf4060b4655c03
f47de65cd0240361fd139ef2941b5ac9ba32dba877fc6c29ed7bf610fa541adc
f4b1bb4c39e3188f9a7351ec505a028c7a5dff37ada75ebca0a9f942192087a5