URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Submission: On November 16 via api from US — Scanned from GB

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 25 HTTP transactions. The main IP is 154.38.174.3, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is template.mapadapalavra.ba.gov.br.
TLS certificate: Issued by R11 on October 13th 2024. Valid for: 3 months.
This is the only time template.mapadapalavra.ba.gov.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 154.38.174.3 | 40021 (NL-811-40021)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
5 | 167.172.148.114 | 14061 (DIGITALOC...)
2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 104.20.94.138 | 13335 (CLOUDFLAR...)
1 | 149.56.240.129 | 16276 (OVH OVH SAS)
1 | 3.5.65.18 | 16509 (AMAZON-02)
3 | 2606:4700:310... | 13335 (CLOUDFLAR...)
1 | 2606:4700:440... | 13335 (CLOUDFLAR...)
1 | 78.47.71.66 | 24940 (HETZNER-A...)
1 | 2a04:4e42:400... | 54113 (FASTLY)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 172.240.253.132 | 7979 (SERVERS-COM)
Total: 25 requests, 15 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | xss.my.id | xss.my.id (Cisco Umbrella Rank: 899570) | 13 KB
3 | slideteam.net | www.slideteam.net (Cisco Umbrella Rank: 129475) | 153 KB
2 | statcounter.com | www.statcounter.com (Cisco Umbrella Rank: 19002); c.statcounter.com (Cisco Umbrella Rank: 11933) | 14 KB
2 | google.com | apis.google.com (Cisco Umbrella Rank: 121) | 78 KB
2 | iconarchive.com | icons.iconarchive.com (Cisco Umbrella Rank: 142117) | 6 KB
2 | bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 3370) | 83 KB
1 | modificationdesignate.com | modificationdesignate.com |
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 36) |
1 | smartsheet.com | www.smartsheet.com (Cisco Umbrella Rank: 16367) | 23 KB
1 | automic.com | docs.automic.com | 62 KB
1 | kajabi-cdn.com | kajabi-storefronts-production.kajabi-cdn.com (Cisco Umbrella Rank: 41647) | 51 KB
1 | amazonaws.com | infogram-thumbs-1024.s3-eu-west-1.amazonaws.com | 25 KB
1 | histats.com | sstatic1.histats.com (Cisco Umbrella Rank: 34407) | 163 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 108 KB
1 | mapadapalavra.ba.gov.br | template.mapadapalavra.ba.gov.br | 6 KB
Total: 25 requests, 15 domains

Requests | Domain | Requested by
5 | xss.my.id | template.mapadapalavra.ba.gov.br, xss.my.id
3 | www.slideteam.net | template.mapadapalavra.ba.gov.br
2 | apis.google.com | template.mapadapalavra.ba.gov.br, apis.google.com
2 | icons.iconarchive.com | template.mapadapalavra.ba.gov.br
2 | stackpath.bootstrapcdn.com | template.mapadapalavra.ba.gov.br, stackpath.bootstrapcdn.com
1 | modificationdesignate.com | xss.my.id
1 | www.google-analytics.com | www.googletagmanager.com
1 | c.statcounter.com | www.statcounter.com
1 | www.smartsheet.com | template.mapadapalavra.ba.gov.br
1 | docs.automic.com | template.mapadapalavra.ba.gov.br
1 | kajabi-storefronts-production.kajabi-cdn.com | template.mapadapalavra.ba.gov.br
1 | infogram-thumbs-1024.s3-eu-west-1.amazonaws.com | template.mapadapalavra.ba.gov.br
1 | sstatic1.histats.com | template.mapadapalavra.ba.gov.br
1 | www.statcounter.com | xss.my.id
1 | www.googletagmanager.com | xss.my.id
1 | template.mapadapalavra.ba.gov.br |
Total: 25 requests, 16 subdomains

Subject | Issuer | Validity | Valid
template.mapadapalavra.ba.gov.br | R11 | 2024-10-13 - 2025-01-11 | 3 months
bootstrapcdn.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months
xss.my.id | R10 | 2024-10-29 - 2025-01-27 | 3 months
iconarchive.com | WE1 | 2024-09-27 - 2024-12-26 | 3 months
*.apis.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-05 - 2025-01-03 | a year
histats.com | R11 | 2024-10-30 - 2025-01-28 | 3 months
*.s3-eu-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-11-04 - 2025-10-18 | a year
*.slideteam.net | Go Daddy Secure Certificate Authority - G2 | 2024-03-15 - 2025-04-16 | a year
kajabi-cdn.com | WE1 | 2024-11-04 - 2025-02-02 | 3 months
*.automic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-12 - 2025-04-12 | a year
www.smartsheet.com | R10 | 2024-10-10 - 2025-01-08 | 3 months
modificationdesignate.com | R10 | 2024-11-03 - 2025-02-01 | 3 months

This page contains 1 frames:

Primary Page: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Frame ID: 83096D74DF64DA06564DAE8F9DBB8833
Requests: 25 HTTP requests in this frame

Page Title

Workload Distribution Template

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 53 %
Domains: 15
Subdomains: 16
IPs: 15
Countries: 5
Transfer: 621 kB
Size: 1108 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request workload-distribution-template.html
template.mapadapalavra.ba.gov.br/en/
32 KB
6 KB
Document
General
Full URL
https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.38.174.3 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1534016.contaboserver.net
Software
Apache /
Resource Hash
8d3c67ff08c4853fb0b2ab5259e9e1d5ab5ff52c467eda026592e2902c0e59d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
5507
content-type
text/html
date
Sat, 16 Nov 2024 11:05:38 GMT
etag
"7e13-6096e6cc27600-gzip"
last-modified
Sun, 05 Nov 2023 21:28:56 GMT
server
Apache
vary
Accept-Encoding
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
623499
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 11:05:39 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/26/2024 11:08:39
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6278e1ef7809fc34e3e47bcd4ebcbbfc
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8e3701d39e7a79c4-LHR
access-control-allow-origin
*
cdn-edgestorageid
1109
server
cloudflare
cdn-requestcountrycode
US
head.js
xss.my.id/theme/eventify/
174 B
300 B
Script
General
Full URL
https://xss.my.id/theme/eventify/head.js
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
5cde2fe78c8ec960284bab2e1fee07547b2eee84b4993ccc555e4c179dd14ad8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"ae-604fb543f4940-gzip"
accept-ranges
bytes
content-length
160
date
Sat, 16 Nov 2024 11:05:40 GMT
last-modified
Sun, 10 Sep 2023 06:29:17 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
global-icon.png
icons.iconarchive.com/icons/graphicloads/seo-services/128/
3 KB
3 KB
Image
General
Full URL
https://icons.iconarchive.com/icons/graphicloads/seo-services/128/global-icon.png
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0adcfc955046be680bf327508ee5009c6683b8b0e26537dd50d273e3b9c3818

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cf-cache-status
HIT
etag
"63e22404-a47"
age
391
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmFC30US%2FM5eWME3eu3hTOJ5gdr%2Fwe3t%2Fx4F%2Bqy2CW2xfMiHncILnZXRucDgwWFsXgINLSzqHr8YcNxP7Tq%2BI%2Bf%2FT7%2BAC%2Fqo4%2BDdnYJs6YkdXsdvdre3OfE7axuqa7LqIlKEqoODJgV0viuTYErQg1ese10%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=3357&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3924&recv_bytes=2238&delivery_rate=1165714&cwnd=252&unsent_bytes=0&cid=786a3d01e78f4dc8&ts=68&x=0"
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 10:12:20 GMT
vary
Accept-Encoding
cache-control
max-age=5356800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3701dfd8c19553-LHR
accept-ranges
bytes
content-length
2631
server
cloudflare
plusone.js
apis.google.com/js/
63 KB
24 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f3af1e716ce7846e7c252ace160c12480d41eecd5a7e7917ee5b2ccde62b51
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"657bf145b0a7c685"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 11:05:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 11:05:39 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24185
x-xss-protection
0
server
sffe
body.js
xss.my.id/theme/batman/
486 B
366 B
Script
General
Full URL
https://xss.my.id/theme/batman/body.js
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
922a33ee8abbaf3bfa552f12cc681297dea93fa5167337397c97e855c0de0978

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"1e6-61ede8bcaeeed-gzip"
accept-ranges
bytes
content-length
291
date
Sat, 16 Nov 2024 11:05:40 GMT
last-modified
Sun, 04 Aug 2024 17:03:57 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
headcode.js
xss.my.id/theme/eventify/
2 KB
859 B
Script
General
Full URL
https://xss.my.id/theme/eventify/headcode.js?v=69547
Requested by
Host: xss.my.id
URL: https://xss.my.id/theme/eventify/head.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
eff4699d91a2b392f01f6056d7984494020742966432545c4fbf4060b4655c03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"6a5-615755124ff40-gzip"
accept-ranges
bytes
content-length
782
date
Sat, 16 Nov 2024 11:05:40 GMT
last-modified
Sat, 06 Apr 2024 22:44:37 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7
Requested by
Host: xss.my.id
URL: https://xss.my.id/theme/eventify/headcode.js?v=69547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9807e379eec53ad71cd9a15a7cbec3e16dae5e764f4b23e504278dff5bf3018e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 11:05:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109655
x-xss-protection
0
server
Google Tag Manager
counter.js
www.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: xss.my.id
URL: https://xss.my.id/theme/eventify/headcode.js?v=69547
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67371ebd-8a75"
age
12891
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=id%2Bmve84PEWVkbUC7kLeoPLAL3Vd1SowFJj5i%2B4UEQRfjNvoPb7t%2BNy7JN76aqY1zl8mjnwLl4s%2B%2BBeMvjljXjtP%2BeTB%2Fio8YVVA4TzAvT2gPrZjUNcwLFxt1s9zDdfkdpvclWbB"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 19:30:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27593&sent=12&recv=8&lost=0&retrans=0&sent_bytes=6347&recv_bytes=4303&delivery_rate=171323&cwnd=12000&unsent_bytes=0&cid=2c036ac610013337&ts=62&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2024 10:13:17 GMT
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3701dfd88594bd-LHR
server
cloudflare
style.css
xss.my.id/theme/eventify/
77 KB
11 KB
Stylesheet
General
Full URL
https://xss.my.id/theme/eventify/style.css
Requested by
Host: xss.my.id
URL: https://xss.my.id/theme/eventify/headcode.js?v=69547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
7ab657e99251555499b33e5cbfab26ff3ee2ed96a487a643fc207241e48122e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"135ff-604d37dd53800-gzip"
accept-ranges
bytes
content-length
11060
date
Sat, 16 Nov 2024 11:05:41 GMT
last-modified
Fri, 08 Sep 2023 06:57:36 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4270884&101
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

Content-Length
43
Date
Sat, 16 Nov 2024 11:05:41 GMT
Content-Type
image/gif
Connection
close
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/
155 KB
54 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ccfcc9fc6ef004a9ab606b1e4517c8b900573ffadd35f9a3ba2dd1fd6e9ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
age
77778
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 13:29:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 13:29:23 GMT
last-modified
Thu, 10 Oct 2024 20:03:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
54429
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://template.mapadapalavra.ba.gov.br
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
959732
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/08/2024 00:08:47
cdn-cache
HIT
priority
u=0,i=?0
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-pullzone
252412
cdn-proxyver
1.04
accept-ranges
bytes
content-length
77160
cdn-edgestorageid
1029
server
cloudflare
cdn-requestcountrycode
US
date
Sat, 16 Nov 2024 11:05:41 GMT
vary
Accept-Encoding
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requesttime
0
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fb77f826a16dd96881801659c7cd25f6
cross-origin-resource-policy
cross-origin
cf-ray
8e3701e1286b8885-LHR
access-control-allow-origin
*
8538161c-dca5-4c9d-9214-aa83adf9ceca.jpg
infogram-thumbs-1024.s3-eu-west-1.amazonaws.com/
25 KB
25 KB
Image
General
Full URL
https://infogram-thumbs-1024.s3-eu-west-1.amazonaws.com/8538161c-dca5-4c9d-9214-aa83adf9ceca.jpg?1621392556874
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.65.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ba70347979990eb4ca850b8b399ea165843befa43e123446b3c5bb94c3ddc5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

ETag
"047076902a53946dcbdb7ebbfbf2471a"
x-amz-request-id
SZ02NH9J5Y4P2AV2
Accept-Ranges
bytes
Content-Length
25294
Date
Sat, 16 Nov 2024 11:05:42 GMT
Last-Modified
Mon, 15 Oct 2018 11:23:02 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-id-2
lbKBU50potQLeSiF+5SaDSSgFpvBrOQPKZz9A3q/HI3A0XAfz1E9mY0iSosWPdW84m7Wsft+PUs1/hjJamUoMg==
work_distribution_of_resources_in_various_tasks_slide01.jpg
www.slideteam.net/media/catalog/product/cache/1280x720/w/o/
47 KB
47 KB
Image
General
Full URL
https://www.slideteam.net/media/catalog/product/cache/1280x720/w/o/work_distribution_of_resources_in_various_tasks_slide01.jpg
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac93bdd2dcc58bcbe33185db148f5c67015bbc5b595d83d898d40f1d0a25e1cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cache-control
public, max-age=315360000
cf-bgj
imgq:100,h2pri
etag
W/"63e55061-c765"
age
91152
cf-cache-status
HIT
speculation-rules
"/cdn-cgi/speculation"
cf-ray
8e3701e15f3e368d-LHR
expires
Tue, 14 Nov 2034 11:05:41 GMT
cf-polished
origSize=51045
access-control-allow-origin
*
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/jpeg
last-modified
Thu, 09 Feb 2023 19:58:25 GMT
vary
Accept-Encoding
server
cloudflare
GOyvHWKqS0eDlSipMNgj_2.png
kajabi-storefronts-production.kajabi-cdn.com/kajabi-storefronts-production/themes/2150950290/settings_images/
50 KB
51 KB
Image
General
Full URL
https://kajabi-storefronts-production.kajabi-cdn.com/kajabi-storefronts-production/themes/2150950290/settings_images/GOyvHWKqS0eDlSipMNgj_2.png
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37011df08456a793ebe30b196e0c762ab2eca9f98ab86a3d28dc9e4e7fb3e10f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cf-cache-status
HIT
etag
"46b841bcc669d260005ef16efc2444de"
x-amz-version-id
null
cf-bgj
imgq:100,h2pri
expires
Sun, 16 Nov 2025 11:05:41 GMT
cf-polished
origFmt=png, origSize=92519
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/webp
content-disposition
inline; filename="GOyvHWKqS0eDlSipMNgj_2.webp"
vary
Accept, Accept-Encoding
last-modified
Wed, 22 Jun 2022 07:54:07 GMT
x-amz-id-2
BmzEQVcbdT2e3RbVK61ZH1pE8EHZjav+yD/ZUm31V5UFKkiX+Vbl0uaTMaf6sIWEfXPi6rViwtppBLdHNwVxkmnNa/EnIKHEku9249CQf6I=
cache-control
public, max-age=31536000
x-amz-request-id
4TWQ716V4YKHD05T
cf-ray
8e3701e16bbdcd96-LHR
accept-ranges
bytes
content-length
51052
server
cloudflare
AWA_LandingPageImageMap.png
docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/12.2/AWA%20Guides/Content/_Common/Welcome/Images/
62 KB
62 KB
Image
General
Full URL
https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/12.2/AWA%20Guides/Content/_Common/Welcome/Images/AWA_LandingPageImageMap.png
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.47.71.66 Essen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.66.71.47.78.clients.your-server.de
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1 /
Resource Hash
35e4e3f4a73d23cdbd8933f0a5492f7b8d4f37c557bd68030e80ca0fff057746

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Connection
Keep-Alive
Expires
Mon, 16 Dec 2024 11:05:41 GMT
Keep-Alive
timeout=5, max=100
Date
Sat, 16 Nov 2024 11:05:41 GMT
Content-Type
image/png
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1
work_distribution_chart_with_employees_in_different_phase_slide01.jpg
www.slideteam.net/media/catalog/product/cache/1280x720/w/o/
48 KB
49 KB
Image
General
Full URL
https://www.slideteam.net/media/catalog/product/cache/1280x720/w/o/work_distribution_chart_with_employees_in_different_phase_slide01.jpg
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8547257ea6b6b701da28029a942d3b61f7cee9c0e486512a1d3801d779455d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cache-control
public, max-age=315360000
cf-bgj
imgq:100,h2pri
etag
W/"63e55061-cb84"
age
325103
cf-cache-status
HIT
speculation-rules
"/cdn-cgi/speculation"
cf-ray
8e3701e15f3f368d-LHR
expires
Tue, 14 Nov 2034 11:05:41 GMT
cf-polished
origSize=52100
access-control-allow-origin
*
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/jpeg
last-modified
Thu, 09 Feb 2023 19:58:25 GMT
vary
Accept-Encoding
server
cloudflare
work_distribution_chart_with_weekly_hours_slide01.jpg
www.slideteam.net/media/catalog/product/cache/960x720/w/o/
56 KB
57 KB
Image
General
Full URL
https://www.slideteam.net/media/catalog/product/cache/960x720/w/o/work_distribution_chart_with_weekly_hours_slide01.jpg
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c11c33e65846163e1632aaccfdbae7d08a1b325262798ea8f0fdb7903aa83a55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cache-control
public, max-age=315360000
cf-bgj
imgq:100,h2pri
etag
W/"5e21b7f8-e956"
speculation-rules
"/cdn-cgi/speculation"
cf-cache-status
HIT
cf-ray
8e3701e16f46368d-LHR
expires
Tue, 14 Nov 2034 11:05:41 GMT
cf-polished
origSize=59734
access-control-allow-origin
*
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/jpeg
last-modified
Fri, 17 Jan 2020 13:34:48 GMT
vary
Accept-Encoding
server
cloudflare
IC-Agile-Resource-Planning-Template.png
www.smartsheet.com/sites/default/files/
23 KB
23 KB
Image
General
Full URL
https://www.smartsheet.com/sites/default/files/IC-Agile-Resource-Planning-Template.png
Requested by
Host: template.mapadapalavra.ba.gov.br
URL: https://template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::703 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c426f285cc5659b4848ab8a6b6c5bf8a350a3905cad8a34413b50a6499affe6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

strict-transport-security
max-age=31557600
cache-control
max-age=2628001
etag
"5d9ed15c-5c45"
age
1777586
x-timer
S1731755141.397159,VS0,VE1
x-lagoon
amazeeio-smar1>sigsci-ingress-nginx>smartsheet-www-production-treebeard:nginx>nginx-6fd4b956fd-vq4z8
expires
Sun, 01 Sep 2024 13:32:17 GMT
accept-ranges
bytes
x-cache
HIT, HIT
content-length
23621
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2019 06:36:12 GMT
x-served-by
cache-bfi-krnt7300106-BFI, cache-lcy-eglc8600088-LCY
x-cache-hits
173, 0
banner-loading.js
xss.my.id/ads/
298 B
309 B
Script
General
Full URL
https://xss.my.id/ads/banner-loading.js
Requested by
Host: xss.my.id
URL: https://xss.my.id/theme/batman/body.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.172.148.114 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
17d896de76e12861acf4136e208e6015ceaf9ad2a0db8216073137e78440ca9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

content-encoding
gzip
etag
"12a-61c7de4eb1a35-gzip"
accept-ranges
bytes
content-length
233
date
Sat, 16 Nov 2024 11:05:41 GMT
last-modified
Fri, 05 Jul 2024 10:54:57 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
t.php
c.statcounter.com/
192 B
1 KB
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12561151&u1=04A6E9BB0E0248A08EE8F85C18A19702&java=1&security=46479202&sc_snum=1&sess=697241&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//template.mapadapalavra.ba.gov.br/en/workload-distribution-template.html&t=Workload%20Distribution%20Template&invisible=1&sc_rum_e_s=3704&sc_rum_e_e=3721&sc_rum_f_s=0&sc_rum_f_e=3628&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22ZkHmI79UkrD%2BZwvpU7YLViMV8sfWD%2BS24eCFHA%2B5e1OyS8qX%2Fcs0OM%2B0j2dZYn4SfGrps6S1fhco9%2Bqf%2FqM73ODUTh5eaBWWyGUH0y3X%2B6Xg95GfM7rirp5BmVZQe5A3dZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3701e11a1494bd-LHR
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://template.mapadapalavra.ba.gov.br
alt-svc
h3=":443"; ma=86400
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
server-timing
cfL4;desc="?proto=QUIC&rtt=37192&sent=26&recv=18&lost=0&retrans=0&sent_bytes=20189&recv_bytes=5322&delivery_rate=52254&cwnd=22200&unsent_bytes=0&cid=2c036ac610013337&ts=394&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
application/json
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S5MTG642M7&gtm=45je4be0h2v9165285043za200&_p=1731755140965&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1959438300.1731755141&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731755141&sct=1&seg=0&dl=https%3A%2F%2Ftemplate.mapadapalavra.ba.gov.br%2Fen%2Fworkload-distribution-template.html&dt=Workload%20Distribution%20Template&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3892
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://template.mapadapalavra.ba.gov.br
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 11:05:41 GMT
content-type
text/plain
server
Golfe2
invoke.js
modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/
0
0
Script
General
Full URL
https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js
Requested by
Host: xss.my.id
URL: https://xss.my.id/ads/banner-loading.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sat, 16 Nov 2024 11:05:41 GMT
Content-Type
application/javascript
Host
modificationdesignate.com
Server
nginx/1.21.6
global-icon.png
icons.iconarchive.com/icons/graphicloads/seo-services/48/
2 KB
2 KB
Other
General
Full URL
https://icons.iconarchive.com/icons/graphicloads/seo-services/48/global-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d33042231f60c7eb39095c283fdb44996e1824d24412c7e0994738e12c5345

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://template.mapadapalavra.ba.gov.br/

Response headers

cache-control
max-age=5356800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"63e22404-7d3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Au2n9FxITCxpIKjZuCUjPVlmnpXAdrD4KYyEX7WQaYAdTNpyuscj7pBZGdVz45tQzq%2BTDExnM3BeRyVMkrdxJPlIQDV7%2FZC923Hm7kpDtbtK9d59yUp5SnQ92OHmiyqTydU8LRO9iX%2BkdMBDk6kmg5r3zQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3701e598c29553-LHR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=4994&sent=12&recv=12&lost=0&retrans=0&sent_bytes=7301&recv_bytes=2361&delivery_rate=1165714&cwnd=257&unsent_bytes=0&cid=786a3d01e78f4dc8&ts=1175&x=0"
content-length
2003
date
Sat, 16 Nov 2024 11:05:42 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 10:12:20 GMT
vary
Accept-Encoding
server
cloudflare


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| version
function| gtag
number| sc_project
number| sc_invisible
string| sc_security
string| ars
object| dataLayer
object| gapi
object| ___jsl
object| year
function| _statcounter
object| _F_toggles
object| osapi
object| gadgets
object| iframer
object| __gapi_jstiming__
object| shindig
function| ToolbarApi
object| iframes
function| IframeBase
function| Iframe
function| IframeProxy
function| IframeWindow
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| atOptions

6 Cookies

Domain/Path Name / Value
.template.mapadapalavra.ba.gov.br/ Name: sc_is_visitor_unique
Value: rx12561151.1731755141.04A6E9BB0E0248A08EE8F85C18A19702.1.1.1.1.1.1.1.1.1
.mapadapalavra.ba.gov.br/ Name: _ga_S5MTG642M7
Value: GS1.1.1731755141.1.0.1731755141.0.0.0
.mapadapalavra.ba.gov.br/ Name: _ga
Value: GA1.1.1959438300.1731755141
.statcounter.com/ Name: is_unique
Value: sc12561151.1731755141.0
.statcounter.com/ Name: is_visitor_unique
Value: 1731755141194436103
.kajabi-cdn.com/ Name: __cf_bm
Value: leUiJzYlpXb34iaz_eWmfZ1FuunUYspWKu2txeKZq3w-1731755141-1.0.1.1-P1BvdP_V7au1C96ZnmHYR2dqi2RzAJXbKhsxqc7ugCMHELo7a1IvcVFwy81enKcAbLxJpnvQZfhXMlCbZ41XQA

7 Console Messages

Source Level URL
Text
javascript warning URL: https://xss.my.id/theme/eventify/head.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/eventify/headcode.js?v=69547, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xss.my.id/theme/eventify/head.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/eventify/headcode.js?v=69547, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xss.my.id/theme/batman/body.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xss.my.id/theme/batman/body.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xss.my.id/ads/banner-loading.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xss.my.id/ads/banner-loading.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://modificationdesignate.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
