www.povodosanto.ga Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.povodosanto.ga/login.php
Submission Tags: krdprod
Submission: On June 10 via api (June 10th 2021, 10:32:31 am UTC) from JP

Summary HTTP 72 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 72 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.povodosanto.ga.
TLS certificate: Issued by GTS CA 1D4 on June 7th 2021. Valid for: 3 months.

This is the only time www.povodosanto.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:810::2009	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::6815:31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:218c:3e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
4	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:510... 2600:1f18:510:800:2943:bb87:a771:c207	14618 (AMAZON-AES) (AMAZON-AES)
72	20

4 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.povodosanto.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:31d (United States)

ASN13335 (CLOUDFLARENET, US)

contador.s12.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218c:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net

cdn.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:510:800:2943:bb87:a771:c207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dcba.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com 1 redirects apis.google.com www.google.com adservice.google.com accounts.google.com	307 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	158 KB
7	youtube.com www.youtube.com	126 KB
7	blogger.com 1 redirects www.blogger.com	94 KB
6	gstatic.com ssl.gstatic.com	5 KB
5	histats.com s10.histats.com s4.histats.com	5 KB
5	blogblog.com resources.blogblog.com	2 KB
4	povodosanto.ga www.povodosanto.ga	32 KB
3	popcash.net cdn.popcash.net dcba.popcash.net	36 KB
2	consensu.org quantcast.mgr.consensu.org	69 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	s12.com.br contador.s12.com.br	2 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	640 B
1	blogspot.com 1.bp.blogspot.com	126 KB
72	17

	Domain	Requested by
13	apis.google.com	www.povodosanto.ga apis.google.com www.blogger.com accounts.google.com www.youtube.com
7	www.youtube.com	apis.google.com www.youtube.com
7	www.blogger.com	1 redirects www.povodosanto.ga apis.google.com
6	ssl.gstatic.com	accounts.google.com www.povodosanto.ga
6	pagead2.googlesyndication.com	www.povodosanto.ga pagead2.googlesyndication.com tpc.googlesyndication.com
5	resources.blogblog.com	www.povodosanto.ga www.blogger.com
4	s4.histats.com	s10.histats.com
4	www.povodosanto.ga	www.povodosanto.ga
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	dcba.popcash.net	cdn.popcash.net
2	quantcast.mgr.consensu.org	www.povodosanto.ga quantcast.mgr.consensu.org
2	accounts.google.com	1 redirects apis.google.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google.com	www.povodosanto.ga tpc.googlesyndication.com
2	contador.s12.com.br	www.povodosanto.ga
1	yt3.ggpht.com	www.youtube.com
1	cdn.popcash.net	www.povodosanto.ga
1	s10.histats.com	contador.s12.com.br
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	1.bp.blogspot.com	www.povodosanto.ga
72	23

This site contains links to these domains. Also see Links.

Domain
povodosantoumbandaecandomble.blogspot.com
policies.google.com
contador.s12.com.br
www.blogger.com

Subject Issuer	Validity	Valid
www.povodosanto.ga GTS CA 1D4	`2021-06-07` - `2021-09-05`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
cdn.popcash.net R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.popcash.net AlphaSSL CA - SHA256 - G2	`2021-04-22` - `2022-05-24`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.povodosanto.ga/login.php
Frame ID: 193B3E167592D3173B9CCBB95CB7020E
Requests: 46 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=2474113491328833298&blogName=Povo+do+Santo+&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://www.povodosanto.ga/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.povodosanto.ga/&vt=2935027065823849679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 763FB63C7C3A07855C69E3ECB4CCE131
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 8C300C29771BBB68A522C572B0F3A808
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6127082340351762&output=html&adk=1812271804&adf=3025194257&lmt=1623321129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623321129565&bpp=4&bdt=136&idt=72&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7422575394821&frm=20&pv=2&ga_vid=1789628277.1623321130&ga_sid=1623321130&ga_hid=662942289&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1068547403197756&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: 634699F85E7E18C1ED2E131AF4FA06CE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 97561A5E1A26A0C68F11E927F334CB2E
Requests: 6 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1
Frame ID: 0B7CC96D8AC83BF760F0AF348301E001
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.povodosanto.ga&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 5C095A0B38AA86C24FDE293ECD2100D3
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 0642E4DBE105154A0F3226C1195F06EE
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 89F3E2A81FBBDBE9610F088602B744E5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8744CE0D7C79275F1B46D5C4CDF8AF4A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

72
Requests

100 %
HTTPS

80 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

1001 kB
Transfer

2662 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://povodosantoumbandaecandomble.blogspot.com/search/label/Umbanda?m=0
Title: Umbanda

Search URL Search Domain Scan URL

URL: http://povodosantoumbandaecandomble.blogspot.com/search/label/Candombl%C3%A9?m=0
Title: Candomblé

Search URL Search Domain Scan URL

URL: https://povodosantoumbandaecandomble.blogspot.com/search/label/Ora%C3%A7%C3%A3o?m=0
Title: Oração

Search URL Search Domain Scan URL

URL: https://povodosantoumbandaecandomble.blogspot.com/search/label/Espiritualista?m=0
Title: Espiritualista

Search URL Search Domain Scan URL

URL: https://povodosantoumbandaecandomble.blogspot.com/search/label/V%C3%ADdeos?m=0
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://povodosantoumbandaecandomble.blogspot.com/search/label/Cds%20Download
Title: Cds Download

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://contador.s12.com.br/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https://www.povodosanto.ga/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D2474113491328833298%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://www.povodosanto.ga/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US.p7L79FLXQCw.O/am%253DAQ/d%253D1/rs%253DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2474113491328833298%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://www.povodosanto.ga/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US.p7L79FLXQCw.O/am%253DAQ/d%253D1/rs%253DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/m%253D__features__%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request login.php Show response
www.povodosanto.ga/ 55 KB
12 KB 159ms
135ms Document
text/html 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a09eb4a75a1fdeb98166c2813d7862abd3ec732169bc49271fc0e4bb2628622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.povodosanto.ga
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12176
server: GSE

GET
H2 200 3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:18:17 GMT
vary: Accept-Encoding
last-modified: Tue, 08 Jun 2021 00:57:45 GMT
server: sffe
x-content-type-options: nosniff
age: 162832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Wed, 08 Jun 2022 13:18:17 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2DLo0AxX8Cm6NQts5si0Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "920a6e51949cf2eec053a3396b28fac1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-2DLo0AxX8Cm6NQts5si0Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 10:32:09 GMT

GET
H2 200 unnamed-1200x900%2B%25281%2529.jpg
1.bp.blogspot.com/-A4W_t5-U6_w/XuVB7ZkMuoI/AAAAAAAAO-w/xDUqYK0mrJMaa44d4Bu6FeBMGt5X-mbowCK4BGAYYCw/s1600/ 125 KB
126 KB 44ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-A4W_t5-U6_w/XuVB7ZkMuoI/AAAAAAAAO-w/xDUqYK0mrJMaa44d4Bu6FeBMGt5X-mbowCK4BGAYYCw/s1600/unnamed-1200x900%2B%25281%2529.jpg

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e118a998f2e0e8af489950ef7d1118afb12189fd95cb1bab142c4048ab415369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed-1200x900 (1).jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128206
x-xss-protection: 0
server: fife
etag: "v3bed"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Jun 2021 17:12:49 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
587 B 10ms
6ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:45:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 04:02:18 GMT
server: sffe
age: 153978
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Tue, 15 Jun 2021 15:45:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eff766d6a18a3b38db2172ae793a05bef14c813b745acce0ff328f3bc480ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48308
x-xss-protection: 0
server: cafe
etag: 14635983453910833891
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 10:32:09 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gWPTyIOSVWIkwdyksPMxMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a68431d28598ca094cc7a5b791b0415c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-gWPTyIOSVWIkwdyksPMxMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 10:32:09 GMT

GET
H2 200 img-BZ6ZWxwx2aD4ZCZ0-9.gif
contador.s12.com.br/ 274 B
879 B 244ms
213ms Image
image/gif 2606:4700:3032::6815:31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contador.s12.com.br/img-BZ6ZWxwx2aD4ZCZ0-9.gif
Requested by: Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: ebd1259e069e2037a4db9424b8a2732fc4c6f45d5255b66521d9d9253e59ebe6

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u7HydrvVuCqR9NeGk%2FLsjSx45rMj%2FD%2BrtXIJsRl0JSXwP7qbU7oMF3F7esc7nGEr%2BCnG%2B5p71riIfWwD9ec0sgwlKtCEZ6oqkyf9lzgyZ8RcN%2Bxliog5M6Pj1aJFZaEiGF8KN89R1Z0wnOpewQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65d1ef236d664ab0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 274
cf-request-id: 0a9713ca1d00004ab04d0ff000000001

GET
H2 200 ad.js Show response
contador.s12.com.br/ 2 KB
1 KB 267ms
236ms Script
text/html 2606:4700:3032::6815:31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://contador.s12.com.br/ad.js?id=BZ6ZWxwx2aD4ZCZ0
Requested by: Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: d31bae5c3759990b4e625d390310302a2595c8bc1f803aca729def433ec48b68

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pxqYwpsB9hJ1uV%2F4RKGZq2LwWvJqjU%2FI%2FFABbrBDxAOyPriU1FzuVtOC9%2B090Xyl%2BTVitF6%2BuZDmvbQVcmHq1k9V9lccpRGcJIc3yRN9C1MsJU3qNRK09TUEt6WuwERSvd%2Ff7D0bUVF5BBskZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 65d1ef236d614ab0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9713ca1d00004ab0732f6000000001

GET
H2 200 cookienotice.js Show response
www.povodosanto.ga/js/ 6 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.povodosanto.ga/js/cookienotice.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.povodosanto.ga
referer: https://www.povodosanto.ga/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.povodosanto.ga/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 09:55:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Thu, 17 Jun 2021 10:32:09 GMT

GET
H2 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
www.google.com/js/bg/ 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:26:57 GMT

GET
H2 200 csi.js Show response
www.povodosanto.ga/b/ 35 KB
18 KB 208ms
207ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.povodosanto.ga/b/csi.js?h=6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b48892ff054d6d8f05b7c300da42bf6f7df292b48552409d84e648c5dab90899

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /b/csi.js?h=6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.povodosanto.ga
referer: https://www.povodosanto.ga/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.povodosanto.ga/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Thu, 10 Jun 2021 10:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 17808
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1147971663-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
53 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1147971663-widgets.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63af183d8aa9aa9a1c199d4c755e977168e88cfad05b78dc71c65e2f89e8a5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 22:06:47 GMT
server: sffe
age: 160576
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54446
x-xss-protection: 0
expires: Wed, 08 Jun 2022 13:55:53 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 114ms
101ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2474113491328833298&zx=85b6d9c1-7d65-4977-a4b6-5273565e3602

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 10:32:09 GMT
server: GSE
date: Thu, 10 Jun 2021 10:32:09 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 body_background_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 106 B
242 B 8ms
6ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_background_dark.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:14:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 09:56:08 GMT
server: sffe
age: 130665
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Tue, 15 Jun 2021 22:14:24 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 142 KB
50 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51027
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:09:34 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 53 KB
17 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b834c71da74fb291ed70462dc10b44892f51bc795d13172ef983403634bfe7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17463
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 12:14:23 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
595 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 13:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 13:18:25 GMT

GET
H3-29 200 body_gradient_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 141 B
162 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_gradient_dark.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:05:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 12:55:44 GMT
server: sffe
age: 159996
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
expires: Tue, 15 Jun 2021 14:05:33 GMT

GET
H3-29 200 navbar.g Show response
www.blogger.com/ Frame 763F 7 KB
3 KB 165ms
165ms Document
text/html 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=2474113491328833298&blogName=Povo+do+Santo+&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://www.povodosanto.ga/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.povodosanto.ga/&vt=2935027065823849679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

226a3e39ba58676e6902d192220041b3e67edb57e2940accc26d3a035e232f43

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=2474113491328833298&blogName=Povo+do+Santo+&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://www.povodosanto.ga/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.povodosanto.ga/&vt=2935027065823849679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2584
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6127082340351762&plah=www.povodosanto.ga&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 10:32:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 8C30 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 09 Jun 2021 20:40:48 GMT
expires: Wed, 23 Jun 2021 20:40:48 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 49881
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 103ms
103ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2474113491328833298&zx=85b6d9c1-7d65-4977-a4b6-5273565e3602

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 10:32:09 GMT
server: GSE
date: Thu, 10 Jun 2021 10:32:09 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
640 B 209ms
89ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.povodosanto.ga&callback=_gfp_s_&client=ca-pub-6127082340351762

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6127082340351762&plah=www.povodosanto.ga&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

4dd2f9ecce7c8cce1dda648fa625370a3435aa77af2e92e17ef6b62b32b90365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.povodosanto.ga

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.povodosanto.ga

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6346 603 B
68 B 51ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6127082340351762&output=html&adk=1812271804&adf=3025194257&lmt=1623321129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623321129565&bpp=4&bdt=136&idt=72&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7422575394821&frm=20&pv=2&ga_vid=1789628277.1623321130&ga_sid=1623321130&ga_hid=662942289&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1068547403197756&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-6127082340351762&output=html&adk=1812271804&adf=3025194257&lmt=1623321129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623321129565&bpp=4&bdt=136&idt=72&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7422575394821&frm=20&pv=2&ga_vid=1789628277.1623321130&ga_sid=1623321130&ga_hid=662942289&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1068547403197756&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 10:32:09 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Jun-2021 10:47:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 10:32:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Thu, 10 Jun 2021 10:32:09 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 120ms
39ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: contador.s12.com.br
URL: https://contador.s12.com.br/ad.js?id=BZ6ZWxwx2aD4ZCZ0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:31:36 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 147325456

GET
H3-29 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 370 B
310 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83894b9a7ff7f6d3d3baa5f7a57bed8a449e44db87e049866a4d1a486963e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 15:29:51 GMT

GET
H3-29 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0... 76 KB
27 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8aa5d4733227a78368dca8ea235b99482c9122d6062467f32f3d325d880c8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27123
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 16:10:16 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 9756 3 KB
2 KB 50ms
30ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6546be01654e99f59f4d8f69771d47f6e82933f0d7c213a95f675ed8b2910486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:09 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ynu5Ci1lAzE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+747; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

followers.g Show response
www.blogger.com/ Frame 0B7C
Redirect Chain

https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJ...
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D2474113491328833298%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDA...
https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJ...

5 KB
2 KB

373ms
373ms

Document
text/html

2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9548d18888eeef716fc2e27ea7f2515d36f0792766bb088d6d30f34b04ab0e12

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1545
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:10 GMT
location: https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-wJPVSLBAjDyfQrxfuHlI/w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 474
server: GSE
set-cookie: __Host-GAPS=1:b-M51_QmkibDyBaLzTUZI8GNklzxxA:rjiYD0yCahUPXKic;Path=/;Expires=Sat, 10-Jun-2023 10:32:10 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 72ms
23ms Script
application/javascript 2600:9000:218c:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 10 Jun 2021 10:31:23 GMT
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 18:58:46 GMT
server: AmazonS3
age: 102
etag: W/"ba5d12764ba6d8c6ecc9135d06608e70"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ee05fc08860e6c53e732a51ce89da7c.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: ErcbcvkwYsFJYVz_bRwbfH90cWM5eg8zkqygImr9G0yCSNlwd4B6lg==

GET
H2 200 show.js Show response
cdn.popcash.net/ 125 KB
36 KB 93ms
33ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popcash.net/show.js
Requested by: Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 4c2cc9181406603fb13a2c13c1c837a6b220c27820267d1d4def64e58760af55

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DVz%2FnVS0jId0j7hzZouQSXp6j6Q%2FcW5YjG3OJLxnDB6J6x%2FPZB5jFXQ5W0Xs6WjGgUj751JpgWniI4tm50Z7xQvGhvRjmR08mWqqEPTFyrnC%2Fp9WNjJRCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 36463
cf-request-id: 0a915b27c700000b5524bd9000000001
last-modified: Wed, 09 Jun 2021 07:38:59 GMT
server: cloudflare
etag: W/"60c07013-1f3dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1623321129.cds052.sk1.hn,1623321129.cds020.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 65c8c7b93dd70b55-OSL

GET
H3-29 403 platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 763F 0
0 230ms
230ms Script
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by: Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=2474113491328833298&blogName=Povo+do+Santo+&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://www.povodosanto.ga/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.povodosanto.ga/&vt=2935027065823849679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 icons_gray.png
resources.blogblog.com/img/navbar/ Frame 763F 837 B
858 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_gray.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=2474113491328833298&blogName=Povo+do+Santo+&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://www.povodosanto.ga/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.povodosanto.ga/&vt=2935027065823849679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31a100802a7d8a871d3e85a986f98fb49ed4b7802369b6d92e25d5ca7d3f58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:25:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 20:58:45 GMT
server: sffe
age: 169629
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
expires: Tue, 15 Jun 2021 11:25:00 GMT

GET
H3-29 200 arrows-dark.png
resources.blogblog.com/img/navbar/ Frame 763F 104 B
125 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-dark.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

016edff6bdae968a844d5aaec97a25827eac217aa188ff92ed8f40627f4767d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:05:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 22:06:47 GMT
server: sffe
age: 170795
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
expires: Tue, 15 Jun 2021 11:05:34 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 5C09 566 B
860 B 38ms
15ms Document
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.povodosanto.ga&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3996f72a9111efc1030e052564822ae6cbd9c13805c33913bd039b6f4e53ea09

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cfpOjrbIpwN8yhO6sGgIFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.povodosanto.ga&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=X_yxn_qc3DWw0r5CLT9pPnfKcpB4H7UUTgm3wCQlOg3JO_Knzq6eN8sh7XcP_68bdn5sYkZU-Y5-xgEZbXyY--hELq9zvRAQ_w3OWlcNu5TBXdTem7PDTGD5Lz7-YG5FYV2roAa7L9tNB4iO9_nDItM-cYwWHqcvbuK9ihFrsRQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-cfpOjrbIpwN8yhO6sGgIFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 29ms
29ms Script
text/javascript 2600:9000:218c:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:10 GMT
content-encoding: br
x-amz-cf-pop: CDG50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 2ee05fc08860e6c53e732a51ce89da7c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-id: kpCo46yIAjGfT-AHDYiQxQblfhyFj9FdXZGGXZkC-_DYiWj90c_MCg==

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 373ms
123ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3908301&@f16&@g1&@h1&@i1&@j1623321130009&@k0&@l1&@mPovo%20do%20Santo&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-32477055&@b3:1623321130&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 1c568c16ed561e5fabb897cbff5ad14a208ccda09c985f0365b6191f58d8c9cb

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 10:32:10 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 375ms
124ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2998001&@f16&@g1&@h1&@i1&@j1623321130009&@k0&@l1&@mPovo%20do%20Santo&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:21714087&@b3:1623321130&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: e32cd86599fc91953ae532d9257ebbe8d5d78f04b97bd3eecc10e5b1aa156f59

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 10:32:10 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 380ms
126ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3908301&@f16&@g0&@h2&@i1&@j1623321130013&@k4&@l2&@mPovo%20do%20Santo&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-95293140&@b3:1623321130&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 1c568c16ed561e5fabb897cbff5ad14a208ccda09c985f0365b6191f58d8c9cb

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 10:32:10 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 381ms
126ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2998001&@f16&@g0&@h2&@i1&@j1623321130013&@k4&@l2&@mPovo%20do%20Santo&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-12963611&@b3:1623321130&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.povodosanto.ga%2Flogin.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: e32cd86599fc91953ae532d9257ebbe8d5d78f04b97bd3eecc10e5b1aa156f59

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 10:32:10 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H3-29 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 9756 38 KB
6 KB 19ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
age: 166254
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:21:16 GMT

GET
H2 200 AAUvwnh53Tv-6-R-5tThZzeHg2iH5IPINUmaj9YEnA3kGw=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9756 3 KB
3 KB 30ms
5ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnh53Tv-6-R-5tThZzeHg2iH5IPINUmaj9YEnA3kGw=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4c5a2e9ef8a22d66c6b35d95300820eb33720aeed5d6dfd3b653f05058b04464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 09:36:14 GMT
x-content-type-options: nosniff
age: 3356
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2994
x-xss-protection: 0
server: fife
etag: "v17c6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Jun 2021 17:12:50 GMT

GET
H3-29 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 9756 252 KB
72 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=foofoo2109&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.povodosanto.ga&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 132858
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
expires: Wed, 08 Jun 2022 21:37:52 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 5C09 10 KB
5 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.povodosanto.ga&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 02:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 22:07:24 GMT

GET
H3-29 403 rpc:shindig_random.js
apis.google.com/js/ Frame 5C09 0
0 329ms
328ms Script
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by: Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.povodosanto.ga&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 znWaa3gu Show response
dcba.popcash.net/ 0
118 B 289ms
96ms XHR
text/plain 2600:1f18:510:800:2943:bb87:a771:c207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dcba.popcash.net/znWaa3gu
Requested by: Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:510:800:2943:bb87:a771:c207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 10 Jun 2021 10:32:10 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 204 znWaa3gu Show response
dcba.popcash.net/ 0
117 B 280ms
96ms XHR
text/plain 2600:1f18:510:800:2943:bb87:a771:c207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dcba.popcash.net/znWaa3gu
Requested by: Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:510:800:2943:bb87:a771:c207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 10 Jun 2021 10:32:10 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H3-29 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 9756 156 B
177 B 6ms
6ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 18:18:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 144823
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Wed, 08 Jun 2022 18:18:27 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 9756 120 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 07:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41440
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:06:19 GMT

GET
H3-29 200 subscribe_embed Show response
www.youtube.com/ Frame 0642 601 B
283 B 33ms
33ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e424ab3b265bfbbbfc42d8a03da9f1b3300b13659e13ed4c04ad45ccd518d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=ynu5Ci1lAzE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 10:32:10 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+784; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
63 B 22ms
8ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:29:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 151390
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 08 Jun 2022 16:29:00 GMT

GET
H3-29 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
63 B 22ms
8ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:16:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 166516
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:16:54 GMT

GET
H3-29 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
339 B 17ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:59:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 156748
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Wed, 08 Jun 2022 14:59:42 GMT

GET
H3-29 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
137 B 19ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:11:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 123652
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Thu, 09 Jun 2022 00:11:18 GMT

GET
H3-29 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
138 B 19ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 07:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 185303
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Wed, 08 Jun 2022 07:03:47 GMT

GET
H3-29 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 0642 9 KB
2 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
age: 154127
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
expires: Wed, 08 Jun 2022 15:43:23 GMT

GET
H3-29 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 0642 149 KB
44 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCmvSsl78W-eedGE9GhVranw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 138320
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
expires: Wed, 08 Jun 2022 20:06:50 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 0642 120 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 07:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41440
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:06:19 GMT

GET
H3-29 200 plusone.js Show response
apis.google.com/js/ Frame 0B7C 54 KB
20 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=2474113491328833298&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNGN0NCNEQiByNENTJDMUYqByMwMDAwMDAyByNGN0NCNEQ6ByNGN0NCNERCByNENTJDMUZKByM2NjY2NjZSByNENTJDMUZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fwww.povodosanto.ga%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__&bpli=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wBp1Nu6BR9jQPQe/wEuaeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "920a6e51949cf2eec053a3396b28fac1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-wBp1Nu6BR9jQPQe/wEuaeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 10:32:10 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 0B7C 142 KB
50 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51027
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:09:34 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 0B7C 38 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e048eadf48c79d3beba8eda69298f6c98711259485ed2ffbb17f5315f125750a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12729
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 21:48:40 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 33ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21bcc0345ce13bbc7af0a681865afc2ab813f35a429fa36ba9ad6ad60a8a6dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 10:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7771
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 10 Jun 2021 10:32:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 89F3 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 10 Jun 2021 10:18:15 GMT
expires: Fri, 10 Jun 2022 10:18:15 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 835
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8744 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

373b23c30ac6f2c1e4713320f0f876b21a14f21aa941a9a19436974adfd28732

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+K73gV61FWVUyDtWZg3aug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.povodosanto.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=X_yxn_qc3DWw0r5CLT9pPnfKcpB4H7UUTgm3wCQlOg3JO_Knzq6eN8sh7XcP_68bdn5sYkZU-Y5-xgEZbXyY--hELq9zvRAQ_w3OWlcNu5TBXdTem7PDTGD5Lz7-YG5FYV2roAa7L9tNB4iO9_nDItM-cYwWHqcvbuK9ihFrsRQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.povodosanto.ga/

Response headers

expires: Thu, 10 Jun 2021 10:32:10 GMT
date: Thu, 10 Jun 2021 10:32:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+K73gV61FWVUyDtWZg3aug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 89F3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 10:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 10:17:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=1068547403197756&bg=!uLulu__NAAY6sG-_OrA7ACkAdvg8WqbO69M5p108yQeF7MfBc4Vz6tnN4Y0Ru1q55wdQ9UK-9KmBGwIAAABZUgAAAAtoAQcKAB0FgjtAln7Nc411KY_I-0JONnaUD_BGOphnWZLaz5kCd-cOvQmpGjF06Ny2BvdEJnYauN-LV9Cyd_hcvzg25WJBpWpOSnXe2XjZeqtIQjnqVmRCN62EyPC9aDAsu1FpjpC9aiMxITlVLo4Dwo7_WWWX6JbUO4qpTKFbcyNoplZksKUsfsKLUjCzJI9hJz4y48SePvuTHDy5BU9H7BEOD2Bj3ZZg85RPfbD1OF3stknmqlJrqN_d-XABMVh7e1Psdx0VeqvF-WvPsdJbcQ8Tq4kpb5d6Pj5i7tcr8Md-fuOIWRNN_pEzFYTKKNbuHANlizTpUIGMxLHuy9tIVxL9frx19vXxjcZiYIr-dM2p_BYsvA0LqaVTrpdmNtkFvdTJKo2LqyHbvnRnYufu6ANV_qz-p6RJnjii5z9mjtbg25O0MqDs919siX6Iu297D6H5dtAHAOBD-aSRXDpDqw6Is-htt5MsFiyrihKbx6vJIT44lmkQQNue38puXXHTW8wYT3pgU1yrlKHl8zbtoNHXprOIHqpA6Gb9K3O5II09AvvWTk4T1zuxgXzQiMW8ecTyxaUZ3dcN1BA6EwG0g6iHEmicEMCFwTuuVqgcmbm5sFJXR5MfdVkoTKBX7gB9iv2shygY0B0YwbBiZxjYvvFPye0cDGn--owjhgsfdVgzCE-gBk_udKpcra0eoiBgCkLobFCA_lC-6EcXOjCu7WwVC0XVixMJsHI2ChHKXk7q71oly_DRsMRpaRfr76mWpwgh5Jv0xPe5lx8RYNI0MOz4pM_TAgRKF81b2SNCs97eC7x1NhEasYgSumI7R4L8DXGuz3_635iF_xVszLZ9Xvqnto_0sRFJmfA1MvTqXLvkzGuBwbt4O9jX7Ek

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.povodosanto.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 10:32:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csi.do Show response
www.povodosanto.ga/b/ 17 B
104 B 112ms
112ms XHR
text/html 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.povodosanto.ga/b/csi.do

Requested by

Host: www.povodosanto.ga
URL: https://www.povodosanto.ga/b/csi.js?h=6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee9798277eb44f6f29bd58ab7571e0f305282d6fd710a78fc251ffc4e3aeebd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.povodosanto.ga
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: HstCfa3908301=1623321130009; HstCmu3908301=1623321130009; HstCnv3908301=1; HstCns3908301=1; HstCla3908301=1623321130013; HstPn3908301=2; HstPt3908301=2; __gads=ID=1f95d524f8e8a1cd-22922ba95dc80033:T=1623321129:RT=1623321129:S=ALNI_MYF73SSF25URH_-MZVMUrlF1cMc0Q
content-length: 1161
:path: /b/csi.do
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.povodosanto.ga
referer: https://www.povodosanto.ga/login.php
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.povodosanto.ga/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Thu, 10 Jun 2021 10:32:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 37
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:55:22	Name: test_cookie Value: CheckForPermission
.povodosanto.ga/	1970-01-20 04:16:57	Name: __gads Value: ID=1f95d524f8e8a1cd-22922ba95dc80033:T=1623321129:RT=1623321129:S=ALNI_MYF73SSF25URH_-MZVMUrlF1cMc0Q
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstCla3908301 Value: 1623321130013
.google.com/	1970-01-19 23:18:52	Name: NID Value: 216=X_yxn_qc3DWw0r5CLT9pPnfKcpB4H7UUTgm3wCQlOg3JO_Knzq6eN8sh7XcP_68bdn5sYkZU-Y5-xgEZbXyY--hELq9zvRAQ_w3OWlcNu5TBXdTem7PDTGD5Lz7-YG5FYV2roAa7L9tNB4iO9_nDItM-cYwWHqcvbuK9ihFrsRQ
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstPt3908301 Value: 2
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstPn3908301 Value: 2
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstCnv3908301 Value: 1
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstCns3908301 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ynu5Ci1lAzE
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstCmu3908301 Value: 1623321130009
www.povodosanto.ga/	1970-01-20 03:40:57	Name: HstCfa3908301 Value: 1623321130009

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
cdn.popcash.net
contador.s12.com.br
dcba.popcash.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
quantcast.mgr.consensu.org
resources.blogblog.com
s10.histats.com
s4.histats.com
ssl.gstatic.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googletagservices.com
www.povodosanto.ga
www.youtube.com
yt3.ggpht.com
151.139.128.10
158.69.251.190
216.58.212.130
2600:1f18:510:800:2943:bb87:a771:c207
2600:9000:218c:3e00:9:46dc:4700:93a1
2606:4700:3032::6815:31d
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2009
2a00:1450:4001:810::2013
2a00:1450:4001:811::200d
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
46.105.201.240
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016edff6bdae968a844d5aaec97a25827eac217aa188ff92ed8f40627f4767d0
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f
1c568c16ed561e5fabb897cbff5ad14a208ccda09c985f0365b6191f58d8c9cb
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
21bcc0345ce13bbc7af0a681865afc2ab813f35a429fa36ba9ad6ad60a8a6dd8
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
226a3e39ba58676e6902d192220041b3e67edb57e2940accc26d3a035e232f43
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
373b23c30ac6f2c1e4713320f0f876b21a14f21aa941a9a19436974adfd28732
3996f72a9111efc1030e052564822ae6cbd9c13805c33913bd039b6f4e53ea09
4c2cc9181406603fb13a2c13c1c837a6b220c27820267d1d4def64e58760af55
4c5a2e9ef8a22d66c6b35d95300820eb33720aeed5d6dfd3b653f05058b04464
4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd
4dd2f9ecce7c8cce1dda648fa625370a3435aa77af2e92e17ef6b62b32b90365
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186
63af183d8aa9aa9a1c199d4c755e977168e88cfad05b78dc71c65e2f89e8a5b4
6546be01654e99f59f4d8f69771d47f6e82933f0d7c213a95f675ed8b2910486
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
7a09eb4a75a1fdeb98166c2813d7862abd3ec732169bc49271fc0e4bb2628622
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37
9548d18888eeef716fc2e27ea7f2515d36f0792766bb088d6d30f34b04ab0e12
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a83894b9a7ff7f6d3d3baa5f7a57bed8a449e44db87e049866a4d1a486963e91
a8aa5d4733227a78368dca8ea235b99482c9122d6062467f32f3d325d880c8a1
b48892ff054d6d8f05b7c300da42bf6f7df292b48552409d84e648c5dab90899
b834c71da74fb291ed70462dc10b44892f51bc795d13172ef983403634bfe7ec
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d31bae5c3759990b4e625d390310302a2595c8bc1f803aca729def433ec48b68
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e048eadf48c79d3beba8eda69298f6c98711259485ed2ffbb17f5315f125750a
e118a998f2e0e8af489950ef7d1118afb12189fd95cb1bab142c4048ab415369
e32cd86599fc91953ae532d9257ebbe8d5d78f04b97bd3eecc10e5b1aa156f59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424ab3b265bfbbbfc42d8a03da9f1b3300b13659e13ed4c04ad45ccd518d7ae
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
ebd1259e069e2037a4db9424b8a2732fc4c6f45d5255b66521d9d9253e59ebe6
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ee9798277eb44f6f29bd58ab7571e0f305282d6fd710a78fc251ffc4e3aeebd7
eff766d6a18a3b38db2172ae793a05bef14c813b745acce0ff328f3bc480ec2b
f31a100802a7d8a871d3e85a986f98fb49ed4b7802369b6d92e25d5ca7d3f58c
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.povodosanto.ga Open in urlscan Pro 2a00:1450:4001:810::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

80 %IPv6

17 Domains

23 Subdomains

20 IPs

4 Countries

1001 kBTransfer

2662 kBSize

11 Cookies

10 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.povodosanto.ga Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

80 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

1001 kB
Transfer

2662 kB
Size

11
Cookies

72 HTTP transactions
0 data transactions