obscurelover.xyz Open in urlscan Pro
34.196.13.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://unclehelmerdj.blogspot.co.uk/
Effective URL:
http://obscurelover.xyz/?k=5105c430b022bb0502c343056e23b9f5.1653811227.847.2.1.dHBwLmFsaWtlcnMuY29t&subid=redir&r=&z=0
Submission: On May 29 via api (May 29th 2022, 8:00:32 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 34.196.13.28, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is obscurelover.xyz. The Cisco Umbrella rank of the primary domain is 183329.

This is the only time obscurelover.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 4	2600:1f14:e89... 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	34.196.13.28 34.196.13.28	14618 (AMAZON-AES) (AMAZON-AES)
21	6

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

unclehelmerdj.blogspot.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unclehelmerdj.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

teste.alikers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
landing3.venenosas.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.13.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-13-28.compute-1.amazonaws.com

tpp.alikers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obscurelover.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	google.com apis.google.com — Cisco Umbrella Rank: 100	150 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8229	167 KB
3	venenosas.com.br 1 redirects landing3.venenosas.com.br	2 KB
3	blogblog.com www.blogblog.com — Cisco Umbrella Rank: 28101 resources.blogblog.com — Cisco Umbrella Rank: 15067	2 KB
2	alikers.com teste.alikers.com tpp.alikers.com	2 KB
2	blogspot.com unclehelmerdj.blogspot.com	15 KB
1	obscurelover.xyz obscurelover.xyz — Cisco Umbrella Rank: 183329	1 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	658 B
1	blogspot.co.uk 1 redirects unclehelmerdj.blogspot.co.uk	434 B
21	9

	Domain	Requested by
5	apis.google.com	unclehelmerdj.blogspot.com apis.google.com www.blogger.com
5	www.blogger.com	unclehelmerdj.blogspot.com apis.google.com
3	landing3.venenosas.com.br	1 redirects teste.alikers.com landing3.venenosas.com.br
2	resources.blogblog.com	www.blogger.com
2	unclehelmerdj.blogspot.com	unclehelmerdj.blogspot.com
1	obscurelover.xyz
1	tpp.alikers.com	landing3.venenosas.com.br
1	www.blogblog.com	unclehelmerdj.blogspot.com
1	pagead2.googlesyndication.com	unclehelmerdj.blogspot.com
1	teste.alikers.com	unclehelmerdj.blogspot.com
1	unclehelmerdj.blogspot.co.uk	1 redirects
21	11

This site contains no links.

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://obscurelover.xyz/?k=5105c430b022bb0502c343056e23b9f5.1653811227.847.2.1.dHBwLmFsaWtlcnMuY29t&subid=redir&r=&z=0
Frame ID: 26AC262663C07FE64A3C17CB3D60E176
Requests: 16 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5533380522798440956&blogName=unclehelmerdj&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://unclehelmerdj.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=http://unclehelmerdj.blogspot.com/&vt=-9016386594978168790&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: 914D0914A0BEE08A752E4B90C120C2DA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

No Offers Available...

Page URL History Show full URLs

http://unclehelmerdj.blogspot.co.uk/ HTTP 302
http://unclehelmerdj.blogspot.com/ Page URL
http://landing3.venenosas.com.br/?int=true&ref= HTTP 301
http://landing3.venenosas.com.br/ Page URL
http://landing3.venenosas.com.br/redir2.html Page URL
http://tpp.alikers.com/?subid=redir Page URL
http://obscurelover.xyz/?k=5105c430b022bb0502c343056e23b9f5.1653811227.847.2.1.dHBwLmFsaWtlcnMuY29t&... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

21
Requests

57 %
HTTPS

83 %
IPv6

9
Domains

11
Subdomains

6
IPs

2
Countries

339 kB
Transfer

670 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://unclehelmerdj.blogspot.co.uk/ HTTP 302
http://unclehelmerdj.blogspot.com/ Page URL
http://landing3.venenosas.com.br/?int=true&ref= HTTP 301
http://landing3.venenosas.com.br/ Page URL
http://landing3.venenosas.com.br/redir2.html Page URL
http://tpp.alikers.com/?subid=redir Page URL
http://obscurelover.xyz/?k=5105c430b022bb0502c343056e23b9f5.1653811227.847.2.1.dHBwLmFsaWtlcnMuY29t&subid=redir&r=&z=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://unclehelmerdj.blogspot.co.uk/ HTTP 302
http://unclehelmerdj.blogspot.com/

Request Chain 17

http://landing3.venenosas.com.br/?int=true&ref= HTTP 301
http://landing3.venenosas.com.br/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
unclehelmerdj.blogspot.com/
Redirect Chain

http://unclehelmerdj.blogspot.co.uk/
http://unclehelmerdj.blogspot.com/

27 KB
8 KB

199ms
164ms

Document
text/html

2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://unclehelmerdj.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ceb179f74ab79e406a82949be6b4ed0f099f33e8fbf68faeea548fb89587f9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 7527
Content-Type: text/html; charset=UTF-8
Date: Sun, 29 May 2022 08:00:24 GMT
ETag: W/"7d6aa0f995d0c3619684f03a608f206d72330f7cb5d746c137c0a1ee0b556ee2"
Expires: Sun, 29 May 2022 08:00:24 GMT
Last-Modified: Tue, 28 Aug 2018 10:42:34 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 180
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Sun, 29 May 2022 08:00:24 GMT
Expires: Sun, 29 May 2022 08:00:24 GMT
Location: http://unclehelmerdj.blogspot.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 86ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 23:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Mon, 23 May 2022 15:51:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 23 May 2023 23:20:42 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 77ms
28ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20362
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sun, 29 May 2022 08:00:24 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "63dec9bbc38e8ea1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 08:00:24 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 117ms
116ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5533380522798440956&zx=971780fd-3326-4ab4-84a0-635d78dc2624

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 29 May 2022 08:00:24 GMT
server: GSE
date: Sun, 29 May 2022 08:00:24 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK teste.php
teste.alikers.com/ 491 B
718 B 965ms
172ms Script
application/javascript 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://teste.alikers.com/teste.php
Requested by: Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/
Protocol: HTTP/1.1
Server: 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:00:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Referrer-Policy: no-referrer
Expires: 0
Content-Length: 491
Content-Type: application/javascript

GET
H/1.1 200
OK cookienotice.js Show response
unclehelmerdj.blogspot.com/js/ 6 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://unclehelmerdj.blogspot.com/js/cookienotice.js

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 24 May 2022 20:37:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 May 2022 18:51:20 GMT
Server: sffe
Age: 386583
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 31 May 2022 20:37:21 GMT

GET
H2 200 1517801070-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
155 KB 66ms
25ms Script
text/javascript 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1517801070-widgets.js

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c618f84a68f3fc398e97a7e5f3b6ba4e2c437aff0d09196e15c6f68e1dd218c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 02:00:14 GMT
x-content-type-options: nosniff
age: 540010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158735
x-xss-protection: 0
last-modified: Mon, 23 May 2022 00:50:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 23 May 2023 02:00:14 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 149 KB
51 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52038
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 14:24:06 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 52 KB
17 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0af24ff6d6bd7f6d539dfec7576073f24ca1f48b0d3fb2add69862689d3595bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 23:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16858
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 23:48:59 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 41ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 09:51:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 79705
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sat, 11 Jun 2022 09:51:59 GMT

GET
H/1.1 200
OK paging_dot.png
www.blogblog.com/1kt/simple/ 99 B
684 B 42ms
21ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogblog.com/1kt/simple/paging_dot.png

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 23 May 2022 19:42:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 23 May 2022 15:51:33 GMT
Server: sffe
Age: 476258
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/png
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 99
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Mon, 30 May 2022 19:42:46 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 914D 7 KB
3 KB 124ms
124ms Document
text/html 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5533380522798440956&blogName=unclehelmerdj&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://unclehelmerdj.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=http://unclehelmerdj.blogspot.com/&vt=-9016386594978168790&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5706f37a2be855c436aa6a15daca2bfedb7f33d9083b849796b8dc8f4805a04

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://unclehelmerdj.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2602
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:00:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 538ms
537ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5533380522798440956&zx=971780fd-3326-4ab4-84a0-635d78dc2624

Requested by

Host: unclehelmerdj.blogspot.com
URL: http://unclehelmerdj.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://unclehelmerdj.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 29 May 2022 08:00:25 GMT
server: GSE
date: Sun, 29 May 2022 08:00:25 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 914D 52 KB
20 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5533380522798440956&blogName=unclehelmerdj&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://unclehelmerdj.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=http://unclehelmerdj.blogspot.com/&vt=-9016386594978168790&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17cc1567b1383b1a04bc9ca408f779f4604dba42667e4fc1b6e0543c56a53a59

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20371
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sun, 29 May 2022 08:00:25 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "dd58b2f78001cd7f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 08:00:25 GMT

GET
H2 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 914D 907 B
1 KB 20ms
19ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 21:19:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 05:50:18 GMT
server: sffe
age: 470433
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 30 May 2022 21:19:52 GMT

GET
H2 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 914D 117 B
230 B 20ms
19ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 22 May 2022 15:36:28 GMT
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 15:50:20 GMT
server: sffe
age: 577437
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 29 May 2022 15:36:28 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ Frame 914D 128 KB
42 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddee1c5dbbdefe75f8616d691393f619cea7279d99182febab75a3b1762c0e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 23:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42814
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 23:49:01 GMT

GET
H/1.1

200
OK

/
landing3.venenosas.com.br/
Redirect Chain

http://landing3.venenosas.com.br/?int=true&ref=
http://landing3.venenosas.com.br/

779 B
722 B

169ms
168ms

Document
text/html

2600:1f14:e89:8500:79dc:2e68:c1fe:55d6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://landing3.venenosas.com.br/
Requested by: Host: teste.alikers.com
URL: http://teste.alikers.com/teste.php
Protocol: HTTP/1.1
Server: 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://unclehelmerdj.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 455
Content-Type: text/html
Date: Sun, 29 May 2022 08:00:26 GMT
ETag: "1195646156"
Last-Modified: Sat, 23 Apr 2022 20:19:02 GMT
Referrer-Policy: no-referrer
Vary: Accept-Encoding

Redirect headers

Content-Length: 0
Date: Sun, 29 May 2022 08:00:26 GMT
Location: http://landing3.venenosas.com.br/
Referrer-Policy: no-referrer

GET
H/1.1 200
OK redir2.html
landing3.venenosas.com.br/ 3 KB
2 KB 169ms
168ms Document
text/html 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://landing3.venenosas.com.br/redir2.html
Requested by: Host: landing3.venenosas.com.br
URL: http://landing3.venenosas.com.br/
Protocol: HTTP/1.1
Server: 2600:1f14:e89:8500:79dc:2e68:c1fe:55d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1359
Content-Type: text/html
Date: Sun, 29 May 2022 08:00:26 GMT
ETag: "457520930"
Last-Modified: Thu, 26 May 2022 13:55:16 GMT
Referrer-Policy: no-referrer
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
tpp.alikers.com/ 928 B
1 KB 1023ms
106ms Document
text/html 34.196.13.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://tpp.alikers.com/?subid=redir

Requested by

Host: landing3.venenosas.com.br
URL: http://landing3.venenosas.com.br/redir2.html

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

62cb89c8b0fadebfe5a5b4af3d8b446d3ca62513316e21bda299d47d7e4bd9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: close
Content-Length: 928
Content-Type: text/html
Date: Sun, 29 May 2022 08:00:27 GMT
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Server: nginx
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Primary Request / Show response
obscurelover.xyz/ 415 B
1 KB 345ms
137ms Document
text/html 34.196.13.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://obscurelover.xyz/?k=5105c430b022bb0502c343056e23b9f5.1653811227.847.2.1.dHBwLmFsaWtlcnMuY29t&subid=redir&r=&z=0
Protocol: HTTP/1.1
Server: 34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-13-28.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26c0b7bd93a6d20d75f9027c582602b42c8197536208422faf9e13a092f2709f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html
Date: Sun, 29 May 2022 08:00:28 GMT
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
obscurelover.xyz/	1970-01-20 03:26:24	Name: tpp_u Value: 0%3B1653897628
obscurelover.xyz/	1970-01-20 03:26:24	Name: tpp_3807026_l Value: 16%3B1653897628
obscurelover.xyz/	1970-01-20 03:26:24	Name: tpp_ov Value: 102652%2C102907%2C102970%3B1653897628
obscurelover.xyz/	1970-01-20 03:26:24	Name: tpp_oc Value: 102970%3B1653897628

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
landing3.venenosas.com.br
obscurelover.xyz
pagead2.googlesyndication.com
resources.blogblog.com
teste.alikers.com
tpp.alikers.com
unclehelmerdj.blogspot.co.uk
unclehelmerdj.blogspot.com
www.blogblog.com
www.blogger.com
2600:1f14:e89:8500:79dc:2e68:c1fe:55d6
2a00:1450:4001:808::200e
2a00:1450:4001:810::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2009
34.196.13.28
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0af24ff6d6bd7f6d539dfec7576073f24ca1f48b0d3fb2add69862689d3595bb
17cc1567b1383b1a04bc9ca408f779f4604dba42667e4fc1b6e0543c56a53a59
1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
26c0b7bd93a6d20d75f9027c582602b42c8197536208422faf9e13a092f2709f
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
62cb89c8b0fadebfe5a5b4af3d8b446d3ca62513316e21bda299d47d7e4bd9cf
6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c5706f37a2be855c436aa6a15daca2bfedb7f33d9083b849796b8dc8f4805a04
c618f84a68f3fc398e97a7e5f3b6ba4e2c437aff0d09196e15c6f68e1dd218c4
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ceb179f74ab79e406a82949be6b4ed0f099f33e8fbf68faeea548fb89587f9a8
ddee1c5dbbdefe75f8616d691393f619cea7279d99182febab75a3b1762c0e69

obscurelover.xyz Open in urlscan Pro 34.196.13.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

57 %HTTPS

83 %IPv6

9 Domains

11 Subdomains

6 IPs

2 Countries

339 kBTransfer

670 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

obscurelover.xyz Open in urlscan Pro
34.196.13.28 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

57 %
HTTPS

83 %
IPv6

9
Domains

11
Subdomains

6
IPs

2
Countries

339 kB
Transfer

670 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions