ww1.signupandturnyourscreenoffsafepowernow.date
64.190.63.136  Public Scan

Submitted URL: https://muhammadfaishal.blogspot.com/
Effective URL: http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Submission: On February 23 via api from US — Scanned from US

Summary

This website contacted 15 IPs in 2 countries across 15 domains to perform 32 HTTP transactions. The main IP is 64.190.63.136, which is located in Germany and belongs to SEDO-AS, DE. The main domain is ww1.signupandturnyourscreenoffsafepowernow.date.
This is the only time ww1.signupandturnyourscreenoffsafepowernow.date was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     Apex Domain / Subdomains                                        Transfer
5    google.com                                                      200 KB
       apis.google.com — Cisco Umbrella Rank: 108
       www.google.com — Cisco Umbrella Rank: 2
5    blogger.com                                                     62 KB
       www.blogger.com — Cisco Umbrella Rank: 11254
4    venenosas.com.br                                                6 KB
       landing3.venenosas.com.br
3    adsensecustomsearchads.com                                      56 KB
       www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2530
3    signupandturnyourscreenoffsafepowernow.date                     9 KB
       www.signupandturnyourscreenoffsafepowernow.date
       ww1.signupandturnyourscreenoffsafepowernow.date
3    blogblog.com                                                    1 KB
       www.blogblog.com — Cisco Umbrella Rank: 43788
       resources.blogblog.com — Cisco Umbrella Rank: 20535
2    googleusercontent.com                                           1 KB
       afs.googleusercontent.com — Cisco Umbrella Rank: 9268
2    alikers.com                                                     2 KB
       teste.alikers.com
       tpp.alikers.com
1    googleadservices.com                                            612 B
       partner.googleadservices.com — Cisco Umbrella Rank: 4764
1    sedoparking.com                                                 13 KB
       img.sedoparking.com — Cisco Umbrella Rank: 56616
1    presidentstang.xyz                                              862 B
       presidentstang.xyz — Cisco Umbrella Rank: 263208
1    alcohexameter.xyz                                               1 KB
       alcohexameter.xyz
1    cloudflareinsights.com                                          7 KB
       static.cloudflareinsights.com — Cisco Umbrella Rank: 806
1    googlesyndication.com                                           455 B
       pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
1    blogspot.com                                                    7 KB
       muhammadfaishal.blogspot.com
32   15
     Domain                                                          Requested by
5    www.blogger.com                                                 muhammadfaishal.blogspot.com
                                                                     apis.google.com
4    landing3.venenosas.com.br (1 redirects)                         teste.alikers.com
                                                                     landing3.venenosas.com.br
                                                                     static.cloudflareinsights.com
4    apis.google.com                                                 muhammadfaishal.blogspot.com
                                                                     apis.google.com
                                                                     www.blogger.com
3    www.adsensecustomsearchads.com                                  www.google.com
                                                                     www.adsensecustomsearchads.com
2    afs.googleusercontent.com
2    ww1.signupandturnyourscreenoffsafepowernow.date                 ww1.signupandturnyourscreenoffsafepowernow.date
2    resources.blogblog.com                                          www.blogger.com
1    partner.googleadservices.com                                    www.google.com
1    img.sedoparking.com                                             ww1.signupandturnyourscreenoffsafepowernow.date
1    www.google.com                                                  ww1.signupandturnyourscreenoffsafepowernow.date
1    www.signupandturnyourscreenoffsafepowernow.date (1 redirects)
1    presidentstang.xyz (1 redirects)
1    alcohexameter.xyz                                               tpp.alikers.com
1    tpp.alikers.com                                                 muhammadfaishal.blogspot.com
1    static.cloudflareinsights.com                                   landing3.venenosas.com.br
1    www.blogblog.com
1    pagead2.googlesyndication.com                                   muhammadfaishal.blogspot.com
1    teste.alikers.com                                               muhammadfaishal.blogspot.com
1    muhammadfaishal.blogspot.com
32   19

This site contains links to these domains.

Domain
sedo.com
www.sedo.com
Subject                    Issuer                     Validity                   Valid
misc-sni.blogspot.com      GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
*.blogger.com              GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
*.apis.google.com          GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
alikers.com                E1                         2024-01-17 - 2024-04-16    3 months
*.g.doubleclick.net        GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
venenosas.com.br           GTS CA 1P5                 2024-02-07 - 2024-05-07    3 months
*.google.com               GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3    2023-04-10 - 2024-04-09    a year
*.googleadservices.com     GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
misc-sni.google.com        GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months
*.googleusercontent.com    GTS CA 1C3                 2024-02-05 - 2024-04-29    3 months

This page contains 4 frames:

Primary Page: http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Frame ID: 69255B9460C791F38A873EBD7CFD55CC
Requests: 22 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1752912965586855106&blogName=muhammadfaishal&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://muhammadfaishal.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://muhammadfaishal.blogspot.com/&vt=3355355955225899568&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Frame ID: EE12851377A3A8B117E6AD26FD60EE03
Requests: 5 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: 06C6A43226D019CA1459680FCF11B992
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-047%2Cexp-0051%2Cauxa-control-1%2C187408&client=dp-sedo92_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2Fcaf%2F%3Fses%3DY3JlPTE3MDg2ODUwMjAmdGNpZD13dzEuc2lnbnVwYW5kdHVybnlvdXJzY3JlZW5vZmZzYWZlcG93ZXJub3cuZGF0ZTY1ZDg3NmRjNjlhMGYyLjY4NDk5NTc0JnRhc2s9c2VhcmNoJmRvbWFpbj1zaWdudXBhbmR0dXJueW91cnNjcmVlbm9mZnNhZmVwb3dlcm5vdy5kYXRlJmFfaWQ9MyZzZXNzaW9uPXdnNGd0ZFgwNENHUUM5OWRwckxz&type=3&uiopt=false&swp=as-drid-2445610912134376&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C17301443%2C71847096&format=r3%7Cs&nocache=5501708685020906&num=0&output=afd_ads&domain_name=ww1.signupandturnyourscreenoffsafepowernow.date&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1708685020915&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=988&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2F%3Fsub1%3D67e4550b-d238-11ee-922e-b0edcddbb799
Frame ID: 5AF69FE770060A4CA909981291607DD2
Requests: 4 HTTP requests in this frame

Page Title

signupandturnyourscreenoffsafepowernow.date - This website is for sale! - signupandturnyourscreenoffsafepowernow Resources and Information.

Page URL History

  1. https://muhammadfaishal.blogspot.com/ Page URL
  2. https://landing3.venenosas.com.br/redir2.html?int=true&ref= HTTP 301
    https://landing3.venenosas.com.br/redir2.html Page URL
  3. https://tpp.alikers.com/?subid=redir Page URL
  4. http://alcohexameter.xyz/?subid=redir Page URL
  5. http://presidentstang.xyz/?k=179a40668262bb950a46dd45c38bd8d9.1708685019.408.2.1.YWxjb2hleGFtZXRlci54e... HTTP 302
    http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMD... HTTP 302
    http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

Requests: 32
HTTPS: 81 %
IPv6: 73 %
Domains: 15
Subdomains: 19
IPs: 15
Countries: 2
Transfer: 365 kB
Size: 1004 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://muhammadfaishal.blogspot.com/ Page URL
  2. https://landing3.venenosas.com.br/redir2.html?int=true&ref= HTTP 301
    https://landing3.venenosas.com.br/redir2.html Page URL
  3. https://tpp.alikers.com/?subid=redir Page URL
  4. http://alcohexameter.xyz/?subid=redir Page URL
  5. http://presidentstang.xyz/?k=179a40668262bb950a46dd45c38bd8d9.1708685019.408.2.1.YWxjb2hleGFtZXRlci54eXo%3D&subid=redir&r=&z=600 HTTP 302
    http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_19c89ce5170bd5548f15a434a28a3893 HTTP 302
    http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://landing3.venenosas.com.br/redir2.html?int=true&ref= HTTP 301
  • https://landing3.venenosas.com.br/redir2.html

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
muhammadfaishal.blogspot.com/
24 KB
7 KB
Document
General
Full URL
https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c1dc9e3d3055ada13103b3523c94f85ef2bd3759e67e8b04477bfb160e71155b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
6568
content-type
text/html; charset=UTF-8
date
Fri, 23 Feb 2024 10:43:36 GMT
etag
W/"2f0fc5f43376e1ae676d900daeaa663e47b520d1788097e40a5cbbf5057272a0"
expires
Fri, 23 Feb 2024 10:43:36 GMT
last-modified
Tue, 20 Feb 2024 15:54:31 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
35 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:43:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7756
x-xss-protection
0
last-modified
Wed, 21 Feb 2024 09:55:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 21 Feb 2025 07:43:48 GMT
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a7507aebfd7528cc99957bbaa4a9917de241a5559fa73ed0ed51e424aebff
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Feb 2024 10:43:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"9127b207f82b7141"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 10:43:37 GMT
teste.php
teste.alikers.com/
599 B
1 KB
Script
General
Full URL
https://teste.alikers.com/teste.php
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb3b5fe036243688ebf1c9fff321d7f781c8708e1e0aa064ca5965472488195

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325281
alt-svc
h3=":443"; ma=86400
content-length
599
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 03:54:23 GMT
server
cloudflare
etag
"303033677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFXbmbGeVC6Ygr%2B0tfi1ROKzTNxKgK46%2BeRdie6p9%2Fz3aiT2dtLeNM2lAuRwlGLcj2sYwBbsdz5xRwqwR3moBteuwTjA7odojtY6K0x%2F4EWhwU1PTC0yQyF7QgC4RmmBO49MS6FsC9d%2BeC1xEeco8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
859ede6e0883228d-MIA
1221747029-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
51 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1221747029-widgets.js
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 01:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51582
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 20:56:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 21 Feb 2025 01:58:42 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1752912965586855106&zx=81a055fa-e756-4b31-9b46-eafe501ebb29
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 23 Feb 2024 10:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 10:43:37 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/
180 KB
60 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61139
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:51:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 07:43:45 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
455 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 04:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Mar 2024 04:39:18 GMT
redir2.html
landing3.venenosas.com.br/
Redirect Chain
  • https://landing3.venenosas.com.br/redir2.html?int=true&ref=
  • https://landing3.venenosas.com.br/redir2.html
2 KB
1 KB
Document
General
Full URL
https://landing3.venenosas.com.br/redir2.html
Requested by
Host: teste.alikers.com
URL: https://teste.alikers.com/teste.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a697a50a5d5de5966a0437d77bcaf687587683be37667d81262a1fead72d0e43

Request headers

Referer
https://muhammadfaishal.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2678400
cf-cache-status
HIT
cf-ray
859ede72be5d3716-MIA
content-encoding
br
content-type
text/html
date
Fri, 23 Feb 2024 10:43:38 GMT
last-modified
Fri, 23 Feb 2024 10:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yach4cbi%2B5iDGPW9qqCPIUDpI5unOXfbAEnCjW80PKteNZj9jO9AdvJX973Rgr6Ido3Yfi7pNrpR960oy6ioQ7lZb7p56UofSes%2BhBL%2Fr9HmmGDdk4VKtu4Fwic%2B%2B34k9TuAY6VwLcoKz1NyVrwTZKWJe1LVoR5L"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2678400
cf-cache-status
HIT
cf-ray
859ede706de83716-MIA
content-length
0
date
Fri, 23 Feb 2024 10:43:37 GMT
location
https://landing3.venenosas.com.br/redir2.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rgUI%2BFfn2F%2FV4m8WzBzzaQ0sCiOn9uGodGXG2B7XSqZDxVU%2BMOj0%2Bhm8UfJUouJwj3Gan6%2BjgrI9fN%2FmX2hAX3mOoleSY3CEvw3x%2BhNU4gQt6K7eXCOG6Y%2BtgPL7Cs2c6ExB2uHaNugHv1Brt2h30RaC5H6YcnB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
paging_dot.png
www.blogblog.com/1kt/simple/
99 B
236 B
Image
General
Full URL
https://www.blogblog.com/1kt/simple/paging_dot.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:47:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Feb 2024 13:55:41 GMT
server
sffe
age
96974
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 29 Feb 2024 07:47:23 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
88 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1752912965586855106&zx=81a055fa-e756-4b31-9b46-eafe501ebb29
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://muhammadfaishal.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 23 Feb 2024 10:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 10:43:37 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame EE12
7 KB
3 KB
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=1752912965586855106&blogName=muhammadfaishal&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://muhammadfaishal.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://muhammadfaishal.blogspot.com/&vt=3355355955225899568&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://muhammadfaishal.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2569
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Fri, 23 Feb 2024 10:43:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame EE12
56 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1752912965586855106&blogName=muhammadfaishal&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://muhammadfaishal.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://muhammadfaishal.blogspot.com/&vt=3355355955225899568&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Feb 2024 10:43:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21886
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"59662782cf9cc03d"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 10:43:37 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame EE12
907 B
998 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1752912965586855106&blogName=muhammadfaishal&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://muhammadfaishal.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://muhammadfaishal.blogspot.com/&vt=3355355955225899568&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:56:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Feb 2024 13:55:41 GMT
server
sffe
age
96411
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 29 Feb 2024 07:56:46 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame EE12
117 B
229 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1752912965586855106&blogName=muhammadfaishal&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://muhammadfaishal.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://muhammadfaishal.blogspot.com/&vt=3355355955225899568&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:51:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Feb 2024 11:56:17 GMT
server
sffe
age
96738
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 29 Feb 2024 07:51:19 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ Frame EE12
134 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45690
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:51:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Feb 2025 07:38:43 GMT
rocket-loader.min.js
landing3.venenosas.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://landing3.venenosas.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: landing3.venenosas.com.br
URL: https://landing3.venenosas.com.br/redir2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 16 Feb 2024 14:40:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cf73c3-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeNeCOYKqlG2PSCVCML1TyBasQvSvCDHcgF5iVJFivnDnosxn0eRNguB2PW%2BkPAtl5InujvRhFXZIbWhJuAjT72mnglyOUww19yTv%2BOuOhOncDxE4rEjLQZTCsuBFZthhjV0gpYssaRn0m3oScLWj74oiU7D%2Fp96"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
859ede73d82e67ea-MIA
expires
Sun, 25 Feb 2024 10:43:38 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: landing3.venenosas.com.br
URL: https://landing3.venenosas.com.br/redir2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://landing3.venenosas.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:38 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
859ede754f7467cf-MIA
/
tpp.alikers.com/
351 B
506 B
Document
General
Full URL
https://tpp.alikers.com/?subid=redir
Requested by
Host: muhammadfaishal.blogspot.com
URL: https://muhammadfaishal.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
859ede76ac7e228d-MIA
content-encoding
br
content-type
text/html
date
Fri, 23 Feb 2024 10:43:38 GMT
last-modified
Mon, 27 Jun 2022 00:38:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H42vga3gFRekyjhIbLWylcUgoDUCWqt3YBCoEIMot8%2BnT4LR0tBWp3%2BLtDvI2h2rrhGd%2FXlw735VW1hhZ22L1yGdfyxBhyffRiQTe%2BEYXrKk%2BYNCTFEJGkv%2B4Iv0JFoyhp%2Fgm0a91YxzWOd8h2A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rum
landing3.venenosas.com.br/cdn-cgi/
0
148 B
XHR
General
Full URL
https://landing3.venenosas.com.br/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type
application/json

Response headers

date
Fri, 23 Feb 2024 10:43:38 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://landing3.venenosas.com.br
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
859ede75b94367ea-MIA
rum
landing3.venenosas.com.br/cdn-cgi/
0
0

/
alcohexameter.xyz/
944 B
1 KB
Document
General
Full URL
http://alcohexameter.xyz/?subid=redir
Requested by
Host: tpp.alikers.com
URL: https://tpp.alikers.com/?subid=redir
Protocol
HTTP/1.1
Server
34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-13-28.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
close
Content-Length
944
Content-Type
text/html
Date
Fri, 23 Feb 2024 10:43:39 GMT
Expires
Mon, 31 Dec 2001 23:59:59 GMT
Pragma
no-cache
Server
nginx
X-Content-Type-Options
nosniff
Primary Request /
ww1.signupandturnyourscreenoffsafepowernow.date/
Redirect Chain
  • http://presidentstang.xyz/?k=179a40668262bb950a46dd45c38bd8d9.1708685019.408.2.1.YWxjb2hleGFtZXRlci54eXo%3D&subid=redir&r=&z=600
  • http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_19c89ce5170bd5548f15a434a2...
  • http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
24 KB
8 KB
Document
General
Full URL
http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
9f7f9d80ba68be0e78194bf188170d6f58ff59a1db307c82b5a700e6d3788ccc

Request headers

Referer
http://alcohexameter.xyz/?subid=redir
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Feb 2024 10:43:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 23 Feb 2024 10:43:40 GMT
pragma
no-cache
server
NginX
transfer-encoding
chunked
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_n4Bg961GrLMUFMrSsxlNwv7esAbzX8kfpExZroYlpWRtabZUSK7RpLF+KqJEh/9cWZNuqiTWtDd8u9KnqKO/CQ==
x-cache-miss-from
parking-6886896b64-j6kp2
x-powered-by
PHP/8.1.17

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 23 Feb 2024 10:43:39 GMT
location
http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
server
nginx
caf.js
www.google.com/adsense/domains/
141 KB
52 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: ww1.signupandturnyourscreenoffsafepowernow.date
URL: http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Protocol
HTTP/1.1
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16c3f0559283a11598bcf5be297904dffcf66fb606708675efed8c36d19ca7c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 10:43:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"3803388021849033063"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires
Fri, 23 Feb 2024 10:43:40 GMT
arrows.png
img.sedoparking.com/templates/bg/
12 KB
13 KB
Image
General
Full URL
http://img.sedoparking.com/templates/bg/arrows.png
Requested by
Host: ww1.signupandturnyourscreenoffsafepowernow.date
URL: http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Protocol
HTTP/1.1
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 10:43:40 GMT
x-cf-tsc
1705282024
X-CF3
H
CF4ttl
31536000.000
X-CF1
11696:fD.mia1:cf:cacheN.mia1-v:H
X-CF-ReqID
0b9a2516cfa07a7ec56c373efc848ef7
Connection
keep-alive
Content-Length
12642
X-CF2
H
Last-Modified
Mon, 11 Oct 2021 05:39:44 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CFHash
"6dc0bad9aa452ff871b282dabd47131e"
Cache-Control
max-age=604800
CF4Age
0
Accept-Ranges
bytes
Expires
Fri, 01 Mar 2024 10:43:40 GMT
cookie.js
partner.googleadservices.com/gampad/
440 B
612 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww1.signupandturnyourscreenoffsafepowernow.date&client=dp-sedo92_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec6e8e58c173f0d6fd2e5204159666a35d9c97b9d5039d55e6d9e7cc52f6467b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
iframe.html
www.adsensecustomsearchads.com/afs/ads/i/ Frame 06C6
2 KB
1 KB
Document
General
Full URL
https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd9d5435e04efd41e0423bc979ae55e155891259f269e501425a5fdb64b8968c
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-Ep7XGbJ6gf4XGDnVtniJow' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
728
content-security-policy
script-src 'nonce-Ep7XGbJ6gf4XGDnVtniJow' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Feb 2024 10:43:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 07:00:00 GMT
pragma
no-cache
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame 5AF6
14 KB
3 KB
Document
General
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-047%2Cexp-0051%2Cauxa-control-1%2C187408&client=dp-sedo92_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2Fcaf%2F%3Fses%3DY3JlPTE3MDg2ODUwMjAmdGNpZD13dzEuc2lnbnVwYW5kdHVybnlvdXJzY3JlZW5vZmZzYWZlcG93ZXJub3cuZGF0ZTY1ZDg3NmRjNjlhMGYyLjY4NDk5NTc0JnRhc2s9c2VhcmNoJmRvbWFpbj1zaWdudXBhbmR0dXJueW91cnNjcmVlbm9mZnNhZmVwb3dlcm5vdy5kYXRlJmFfaWQ9MyZzZXNzaW9uPXdnNGd0ZFgwNENHUUM5OWRwckxz&type=3&uiopt=false&swp=as-drid-2445610912134376&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C17301443%2C71847096&format=r3%7Cs&nocache=5501708685020906&num=0&output=afd_ads&domain_name=ww1.signupandturnyourscreenoffsafepowernow.date&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1708685020915&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=988&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2F%3Fsub1%3D67e4550b-d238-11ee-922e-b0edcddbb799
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
f933485ea60e57abb610934a0313730ba1aa9965c89a38e32b2c29bfbb6b10a1
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Z_kiZrZQNaYIFD9h_quVgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2912
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Z_kiZrZQNaYIFD9h_quVgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 23 Feb 2024 10:43:41 GMT
expires
Fri, 23 Feb 2024 10:43:41 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
tsc.php
ww1.signupandturnyourscreenoffsafepowernow.date/search/
0
201 B
XHR
General
Full URL
http://ww1.signupandturnyourscreenoffsafepowernow.date/search/tsc.php?200=NTIwMjU5MzQx&21=MzguMTMyLjExOC42OQ==&681=MTcwODY4NTAyMDJkNzllZDNlZGY4MGI3OWYwZjc0NTFiY2YyZDYzODhj&crc=c6296874de3480b3a429d595e665e72782db6c8c&cv=1
Requested by
Host: ww1.signupandturnyourscreenoffsafepowernow.date
URL: http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww1.signupandturnyourscreenoffsafepowernow.date/?sub1=67e4550b-d238-11ee-922e-b0edcddbb799
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:41 GMT
x-cache-miss-from
parking-6886896b64-vx586
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
caf.js
www.adsensecustomsearchads.com/adsense/domains/ Frame 5AF6
141 KB
51 KB
Script
General
Full URL
https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-047%2Cexp-0051%2Cauxa-control-1%2C187408&client=dp-sedo92_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2Fcaf%2F%3Fses%3DY3JlPTE3MDg2ODUwMjAmdGNpZD13dzEuc2lnbnVwYW5kdHVybnlvdXJzY3JlZW5vZmZzYWZlcG93ZXJub3cuZGF0ZTY1ZDg3NmRjNjlhMGYyLjY4NDk5NTc0JnRhc2s9c2VhcmNoJmRvbWFpbj1zaWdudXBhbmR0dXJueW91cnNjcmVlbm9mZnNhZmVwb3dlcm5vdy5kYXRlJmFfaWQ9MyZzZXNzaW9uPXdnNGd0ZFgwNENHUUM5OWRwckxz&type=3&uiopt=false&swp=as-drid-2445610912134376&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C17301443%2C71847096&format=r3%7Cs&nocache=5501708685020906&num=0&output=afd_ads&domain_name=ww1.signupandturnyourscreenoffsafepowernow.date&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1708685020915&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=988&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2F%3Fsub1%3D67e4550b-d238-11ee-922e-b0edcddbb799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1825a63f2d7db40d72e16f4a225382119979e654c9bdb4956ac6b972acb4c9e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"16945431946974166647"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Fri, 23 Feb 2024 10:43:41 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 5AF6
391 B
795 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Feb 2024 15:35:21 GMT
age
68900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 23 Feb 2024 14:35:21 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 5AF6
200 B
289 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Feb 2024 06:43:27 GMT
age
14414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sat, 24 Feb 2024 05:43:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
landing3.venenosas.com.br
URL
https://landing3.venenosas.com.br/cdn-cgi/rum?

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dto
number| googleNDT_
number| googleAltLoader
object| google
object| cafRL
object| cafEl
string| onclick_param_l
string| onclick_value_l
string| onclick_value_al
string| onclick_param_v
string| onclick_value_v
string| fb
string| fb_token
string| pu
boolean| ds
string| pus
number| tlt
boolean| dsb
object| pdto
object| request
object| $parkModalButton
object| $parkModalCloseButton
object| $parkModal
object| $parkCookieMessage
object| $parkThirdPartyCookieCheckbox
object| $parkAcceptAllCookiesButton
function| executeTrackingPixel
function| getCookieExpirationTime
function| saveParkingCookie
function| createCaf
function| __sasCookie
number| experimentId_

6 Cookies

Domain/Path Name / Value
presidentstang.xyz/ Name: tpp_u
Value: 0%3B1708771419
presidentstang.xyz/ Name: tpp_6585011_l
Value: 1034%3B1708771419
presidentstang.xyz/ Name: tpp_ov
Value: 102652%2C103109%3B1708771419
presidentstang.xyz/ Name: tpp_oc
Value: 103109%3B1708771419
.signupandturnyourscreenoffsafepowernow.date/ Name: sid
Value: 67e4550b-d238-11ee-922e-b0edcddbb799
.signupandturnyourscreenoffsafepowernow.date/ Name: __gsas
Value: ID=eaac7a15fbca847f:T=1708685021:RT=1708685021:S=ALNI_MaLs5A-Vr2S8dRx5A__dDmxV2UnIw

2 Console Messages

Source Level URL
Text
other warning URL: http://www.google.com/adsense/domains/caf.js(Line 200)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=0(Line 88)
Message:
Mixed Content: The page at 'https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-047%2Cexp-0051%2Cauxa-control-1%2C187408&client=dp-sedo92_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2Fcaf%2F%3Fses%3DY3JlPTE3MDg2ODUwMjAmdGNpZD13dzEuc2lnbnVwYW5kdHVybnlvdXJzY3JlZW5vZmZzYWZlcG93ZXJub3cuZGF0ZTY1ZDg3NmRjNjlhMGYyLjY4NDk5NTc0JnRhc2s9c2VhcmNoJmRvbWFpbj1zaWdudXBhbmR0dXJueW91cnNjcmVlbm9mZnNhZmVwb3dlcm5vdy5kYXRlJmFfaWQ9MyZzZXNzaW9uPXdnNGd0ZFgwNENHUUM5OWRwckxz&t...d-2445610912134376&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C17301443%2C71847096&format=r3%7Cs&nocache=5501708685020906&num=0&output=afd_ads&domain_name=ww1.signupandturnyourscreenoffsafepowernow.date&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1708685020915&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=988&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww1.signupandturnyourscreenoffsafepowernow.date%2F%3Fsub1%3D67e4550b-d238-11ee-922e-b0edcddbb799' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://ww1.signupandturnyourscreenoffsafepowernow.date/caf/?ses=Y3JlPTE3MDg2ODUwMjAmdGNpZD13dzEuc2lnbnVwYW5kdHVybnlvdXJzY3JlZW5vZmZzYWZlcG93ZXJub3cuZGF0ZTY1ZDg3NmRjNjlhMGYyLjY4NDk5NTc0JnRhc2s9c2VhcmNoJmRvbWFpbj1zaWdudXBhbmR0dXJueW91cnNjcmVlbm9mZnNhZmVwb3dlcm5vdy5kYXRlJmFfaWQ9MyZzZXNzaW9uPXdnNGd0ZFgwNENHUUM5OWRwckxz'. This endpoint should be made available over a secure connection.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
