turfgenie.blogspot.com Open in urlscan Pro
2a00:1450:4001:800::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://turfgenie.blogspot.com/?m=1
Submission: On January 05 via manual (January 5th 2023, 5:16:11 pm UTC) from SN — Scanned from DE

Summary HTTP 99 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 99 HTTP transactions. The main IP is 2a00:1450:4001:800::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is turfgenie.blogspot.com.

This is the only time turfgenie.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2009	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	194.150.236.166 194.150.236.166	44976 (HIWIT_AS) (HIWIT_AS)
7 7	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.27.63.154 212.27.63.154	12322 (PROXAD) (PROXAD)
3	46.105.57.169 46.105.57.169	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3035::ac43:c4a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:41d0:301... 2001:41d0:301::20	16276 (OVH) (OVH)
2	2001:41d0:301... 2001:41d0:301::28	16276 (OVH) (OVH)
28	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	212.83.183.115 212.83.183.115	12876 (Online SAS) (Online SAS)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2606:2800:233... 2606:2800:233:ce53:4396:b914:64c2:638e	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
99	25

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

turfgenie.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net

www.parishorse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3038::6815:ea1b (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3038::6815:ea1a (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.154 (Rouen, France)

ASN12322 (PROXAD, FR)
PTR: perso154-g5.free.fr

lemagicienduturf.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.57.169 (Saint-Ouen, France)

ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net

www.kriturf.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pmu-trader.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lepro-pmu.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c4a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mega-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:301::20 (France)

ASN16276 (OVH, FR)

www.pmu-net.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mini-turf.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:301::28 (France)

ASN16276 (OVH, FR)

jeuxsurs.siteneti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
games-turf.siteneti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.83.183.115 (La Garenne-Colombes, France)

ASN12876 (Online SAS, FR)
PTR: www.allosponsor.com

www.allosponsor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.turfmagique.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2261 t.paypal.com — Cisco Umbrella Rank: 3169 c.paypal.com — Cisco Umbrella Rank: 5919 b.stats.paypal.com — Cisco Umbrella Rank: 5647 dub.stats.paypal.com — Cisco Umbrella Rank: 22405 c6.paypal.com — Cisco Umbrella Rank: 7454	424 KB
14	root-top.com 13 redirects img.root-top.com	10 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	205 KB
7	blogger.com www.blogger.com — Cisco Umbrella Rank: 6833	197 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 163 adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	142 KB
6	blogspot.com turfgenie.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9836 4.bp.blogspot.com — Cisco Umbrella Rank: 13556 3.bp.blogspot.com — Cisco Umbrella Rank: 13013	71 KB
5	allosponsor.com www.allosponsor.com — Cisco Umbrella Rank: 897560	6 KB
4	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 14712	2 KB
3	googleusercontent.com 1 redirects lh3.googleusercontent.com — Cisco Umbrella Rank: 181 themes.googleusercontent.com — Cisco Umbrella Rank: 19539	132 KB
3	c4s.online www.pmu-trader.c4s.online www.lepro-pmu.c4s.online www.mini-turf.c4s.online	965 KB
2	turfmagique.fr www.turfmagique.fr	24 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	5 KB
2	siteneti.net jeuxsurs.siteneti.net games-turf.siteneti.net	178 KB
2	lachezvos.pro www.kriturf.lachezvos.pro www.pmu-net.lachezvos.pro	14 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5450	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	695 B
1	mega-turf.fr www.mega-turf.fr	106 KB
1	free.fr lemagicienduturf.free.fr	3 KB
1	parishorse.net www.parishorse.net	9 KB
99	19

	Domain	Requested by
28	www.paypal.com	turfgenie.blogspot.com www.paypal.com
14	img.root-top.com	13 redirects turfgenie.blogspot.com
7	pagead2.googlesyndication.com	turfgenie.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	www.blogger.com	turfgenie.blogspot.com apis.google.com www.blogger.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	www.allosponsor.com	turfgenie.blogspot.com www.allosponsor.com
4	t.paypal.com	turfgenie.blogspot.com
4	resources.blogblog.com	turfgenie.blogspot.com www.blogger.com
4	apis.google.com	turfgenie.blogspot.com apis.google.com www.blogger.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	turfgenie.blogspot.com	turfgenie.blogspot.com www.blogger.com
2	www.turfmagique.fr	www.allosponsor.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	themes.googleusercontent.com	1 redirects turfgenie.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lh3.googleusercontent.com	turfgenie.blogspot.com
1	www.mini-turf.c4s.online	turfgenie.blogspot.com
1	games-turf.siteneti.net	turfgenie.blogspot.com
1	www.lepro-pmu.c4s.online	turfgenie.blogspot.com
1	www.pmu-trader.c4s.online	turfgenie.blogspot.com
1	jeuxsurs.siteneti.net	turfgenie.blogspot.com
1	3.bp.blogspot.com	turfgenie.blogspot.com
1	www.pmu-net.lachezvos.pro	turfgenie.blogspot.com
1	4.bp.blogspot.com	turfgenie.blogspot.com
1	www.mega-turf.fr	turfgenie.blogspot.com
1	www.kriturf.lachezvos.pro	turfgenie.blogspot.com
1	lemagicienduturf.free.fr	turfgenie.blogspot.com
1	www.parishorse.net	turfgenie.blogspot.com
1	1.bp.blogspot.com	turfgenie.blogspot.com
99	35

This site contains links to these domains. Also see Links.

Domain
turfweb3.onlc.fr
www.leproduturf.c4s.online
www.prono-synthese.lachezvos.pro
www.harmonie-turf.lachezvos.pro
www.kriturf.lachezvos.pro
www.wrai-base.c4s.online
www.sieg-turf.lachezvos.pro
www.ph-turf.c4s.online
www.extra-derby.c4s.online
www.echo-pmu.lachezvos.pro
couplesu1.onlc.fr
www.oxfordpmu.c4s.online
www.1turf-net.lachezvos.pro
www.waris-turf.lachezvos.pro
www.pmu-net.lachezvos.pro
prono-selection.lachezvos.pro
www.cerclemagic.lachezvos.pro
www.toyo-turf.lachezvos.pro
www.prono-center.c4s.online
www.advans-prono.lachezvos.pro
www.lemetro.lachezvos.pro
www.parishorse.net
www.root-top.com
www.letuyauturf.info
www.pmu-trader.c4s.online
www.lepro-pmu.c4s.online
www.galopeur.c4s.online
games-turf.siteneti.net
www.mini-turf.c4s.online
www.blogger.com
www.turfpatron.lachezvos.pro
trotteurpmu.siteneti.net
www.erfolg.c4s.online
www.herosturf.c4s.online
www.a-turf.lachezvos.pro
www.snap-turf.lachezvos.pro
www.turfoision.c4s.online
www.derma-turf.lachezvos.pro
www.expert-course.c4s.online
leveinardturf1.onlc.fr
www.papirus.lachezvos.pro
www.abc-cheval.lachezvos.pro
lemagicienduturf.free.fr
www.parishorse.com
www.pmuchampion.com
www.allosponsor.com
www.istockphoto.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.allosponsor.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-07` - `2023-07-07`	a year	crt.sh
turfmagique.fr R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://turfgenie.blogspot.com/?m=1
Frame ID: A0DA441309F178AEFD2E45B15C44C2FD
Requests: 58 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4124775128185576567&blogName=TURF+GENIE&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://turfgenie.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://turfgenie.blogspot.com/&vt=3202043039699702454&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 5C315ACE157A40AFE86357E94F84DA63
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 05EA29CAD9701C7E17C84CF8DD71BF56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5241295165143928&output=html&adk=1812271804&adf=3025194257&lmt=1672912484&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1672938965620&bpp=3&bdt=359&idt=337&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7155862526276&frm=20&pv=2&ga_vid=1823319913.1672938966&ga_sid=1672938966&ga_hid=1942018813&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C44768832%2C44778780%2C44780792&oid=2&pvsid=1297075508849850&tmod=795528061&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: 3BF82C25046A6C347388CF15C7B8A0D7
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_ae11682d32_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 0EAF81873907A1FC3B600B5FEF5F792B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6CB122042DFC5401E185148A234E8DD6
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: A129D7764AFBFD21EE88D04B0B828DC1
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_7d84ad8b1c_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: CF6CB24CE850E508491ACBFA2B7A31F3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C268D1A7DB6FA0F0132C70FF4B0DE78D
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_086f30fdd6_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: E1A7B5FEC9FC2FE69A9EE028EFC899BC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B71C14C45ADEA8E1AE1BCEB3F5F50B91
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 264BCDC279A7DC834343D8F8676876B3
Requests: 10 HTTP requests in this frame

Frame: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&affc=1&s=0
Frame ID: CECF0F00AE487A2FC96E58C8BDEF05F2
Requests: 2 HTTP requests in this frame

Frame: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&affc=1&s=0
Frame ID: 7C79B777A299DFB2151574B6720CE2A7
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 24494BC7A0B0AAFD272DCFA2E30B8E87
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS
Frame ID: A2D3C8231CB033B77F3312343AA86903
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4CD1B0C068A9A8874026E943AA5C94E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 011D879FA306CCD58F68E8CB35C58D2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TURF GENIE

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

99
Requests

77 %
HTTPS

68 %
IPv6

19
Domains

35
Subdomains

25
IPs

4
Countries

2485 kB
Transfer

4095 kB
Size

10
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: http://turfweb3.onlc.fr/0-Accueil.html
Title: TURFWEB

Search URL Search Domain Scan URL

URL: http://www.leproduturf.c4s.online/
Title: LEPRODUTURF

Search URL Search Domain Scan URL

URL: http://www.prono-synthese.lachezvos.pro/
Title: PRONO-SYNTHESE

Search URL Search Domain Scan URL

URL: http://www.harmonie-turf.lachezvos.pro/
Title: HARMONIE

Search URL Search Domain Scan URL

URL: http://www.kriturf.lachezvos.pro/
Title: KRITURF

Search URL Search Domain Scan URL

URL: http://www.wrai-base.c4s.online/
Title: VRAI-BASE

Search URL Search Domain Scan URL

URL: http://www.sieg-turf.lachezvos.pro/
Title: SIEG-TURF

Search URL Search Domain Scan URL

URL: http://www.ph-turf.c4s.online/
Title: PH-TURF

Search URL Search Domain Scan URL

URL: http://www.extra-derby.c4s.online/
Title: EXTRA-DERBY

Search URL Search Domain Scan URL

URL: http://www.echo-pmu.lachezvos.pro/
Title: ECHO-PMU

Search URL Search Domain Scan URL

URL: http://couplesu1.onlc.fr/?killdesignsession
Title: COUPLESUR

Search URL Search Domain Scan URL

URL: http://www.oxfordpmu.c4s.online/
Title: OXFORDPMU

Search URL Search Domain Scan URL

URL: http://www.1turf-net.lachezvos.pro/
Title: 1TURF-NET

Search URL Search Domain Scan URL

URL: http://www.waris-turf.lachezvos.pro/
Title: WARIS-TURF

Search URL Search Domain Scan URL

URL: http://www.pmu-net.lachezvos.pro/
Title: PMU-NET

Search URL Search Domain Scan URL

URL: http://prono-selection.lachezvos.pro/index.php
Title: PRONO-SELECTION

Search URL Search Domain Scan URL

URL: http://www.cerclemagic.lachezvos.pro/
Title: CERCLEMAGIC

Search URL Search Domain Scan URL

URL: http://www.toyo-turf.lachezvos.pro/
Title: TUYOTURF

Search URL Search Domain Scan URL

URL: http://www.prono-center.c4s.online/index.php
Title: PRONO CENTER

Search URL Search Domain Scan URL

URL: http://www.advans-prono.lachezvos.pro/
Title: ADVANS TURF

Search URL Search Domain Scan URL

URL: http://www.lemetro.lachezvos.pro/index.php
Title: LEMETRO

Search URL Search Domain Scan URL

URL: http://www.parishorse.net/vote.php?id=7

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/exelturf/in.php?ID=278

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/assezdegain/in.php?ID=190

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topturfjs/in.php?ID=1389

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/astropmu/in.php?ID=5

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/01turf/in.php?ID=479

Search URL Search Domain Scan URL

URL: http://www.letuyauturf.info/vote.php?id=13

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=73

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuturf/in.php?ID=294

Search URL Search Domain Scan URL

URL: http://www.parishorse.net/vote.php?id=188

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/?vote=valide

Search URL Search Domain Scan URL

URL: http://www.pmu-trader.c4s.online/

Search URL Search Domain Scan URL

URL: http://www.lepro-pmu.c4s.online/

Search URL Search Domain Scan URL

URL: http://www.galopeur.c4s.online/
Title: Site Turf

Search URL Search Domain Scan URL

URL: http://games-turf.siteneti.net/

Search URL Search Domain Scan URL

URL: http://www.mini-turf.c4s.online/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4124775128185576567&postID=863672178080626081&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=863672178080626081&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=863672178080626081&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=863672178080626081&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=863672178080626081&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=863672178080626081&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4124775128185576567&postID=72991498687549547&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=72991498687549547&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=72991498687549547&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=72991498687549547&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=72991498687549547&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=72991498687549547&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4124775128185576567&postID=6369285230484582973&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=6369285230484582973&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=6369285230484582973&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=6369285230484582973&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=6369285230484582973&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=6369285230484582973&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4124775128185576567&postID=8572752447385040522&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=8572752447385040522&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=8572752447385040522&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=8572752447385040522&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=8572752447385040522&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4124775128185576567&postID=8572752447385040522&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.turfpatron.lachezvos.pro/index.php
Title: TURFPATRON

Search URL Search Domain Scan URL

URL: http://trotteurpmu.siteneti.net/
Title: TROTTEURPMU

Search URL Search Domain Scan URL

URL: http://www.erfolg.c4s.online/
Title: ERFOLG

Search URL Search Domain Scan URL

URL: http://www.herosturf.c4s.online/index.php
Title: HEROSTURF

Search URL Search Domain Scan URL

URL: http://www.a-turf.lachezvos.pro/
Title: @-turf

Search URL Search Domain Scan URL

URL: http://www.snap-turf.lachezvos.pro/index.php
Title: SNAP-TURF

Search URL Search Domain Scan URL

URL: http://www.turfoision.c4s.online/
Title: TURFOISION

Search URL Search Domain Scan URL

URL: http://www.derma-turf.lachezvos.pro/
Title: DERMA-TURF

Search URL Search Domain Scan URL

URL: http://www.expert-course.c4s.online/
Title: EXPERT

Search URL Search Domain Scan URL

URL: http://leveinardturf1.onlc.fr/?killdesignsession
Title: LEVEINARD

Search URL Search Domain Scan URL

URL: http://www.papirus.lachezvos.pro/
Title: PAPIRUS

Search URL Search Domain Scan URL

URL: http://www.abc-cheval.lachezvos.pro/
Title: ABC-CHEVAL

Search URL Search Domain Scan URL

URL: http://www.prono-center.c4s.online/
Title: CENTER

Search URL Search Domain Scan URL

URL: http://www.pmu-trader.c4s.online/index.php
Title: PMU-TRADER

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topgenie/
Title: TOPGENIE

Search URL Search Domain Scan URL

URL: http://lemagicienduturf.free.fr/
Title: LEMAGICIEN

Search URL Search Domain Scan URL

URL: http://www.parishorse.com/
Title: PARISHORSE

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/astropmu
Title: ASTROPMU

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion
Title: PMUCHAMPION

Search URL Search Domain Scan URL

URL: http://www.pmuchampion.com/accueil.php?page=main
Title: PMUCHAMPION

Search URL Search Domain Scan URL

URL: https://www.allosponsor.com/
Title: AlloSponsor.com

Search URL Search Domain Scan URL

URL: http://www.istockphoto.com/file_closeup.php?id=2849344&platform=blogger
Title: fpm

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://img.root-top.com/topsite/exelturf/banner.gif HTTP 301
https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
http://lemagicienduturf.free.fr/images/exelturf.jpg

Request Chain 7

http://img.root-top.com/topsite/assezdegain/banner.gif HTTP 301
https://img.root-top.com/topsite/assezdegain/banner.gif HTTP 302
http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif

Request Chain 8

http://img.root-top.com/topsite/astropmu/banner.gif HTTP 301
https://img.root-top.com/topsite/astropmu/banner.gif

Request Chain 9

http://img.root-top.com/topsite/01turf/banner.gif HTTP 301
https://img.root-top.com/topsite/01turf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

Request Chain 10

http://img.root-top.com/topsite/topturfjs/banner.gif HTTP 301
https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Request Chain 11

http://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 301
https://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 302
http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

Request Chain 12

http://img.root-top.com/topsite/pmuturf/banner.gif HTTP 301
https://img.root-top.com/topsite/pmuturf/banner.gif HTTP 302
https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

Request Chain 26

http://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600

Request Chain 101

https://b.stats.paypal.com/v2/counter.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS

99 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
turfgenie.blogspot.com/ 94 KB
14 KB 373ms
322ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://turfgenie.blogspot.com/?m=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be9a526d6efe93f2079b728546e1eecfe638b8e70eef74ed31ebaec64ef5c408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 13736
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 17:16:05 GMT
ETag: W/"cd25bedfe248465b868ff28e1022ba638bb0b2c1f59e0ce413daeda5dc591d3c"
Expires: Thu, 05 Jan 2023 17:16:05 GMT
Last-Modified: Thu, 05 Jan 2023 09:54:44 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 169ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 07:11:13 GMT
x-content-type-options: nosniff
age: 381892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35960
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 18:50:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 01 Jan 2024 07:11:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 235ms
97ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5241295165143928&host=ca-host-pub-1556223355139109

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23aad6d6b4e5132ef6c27ad484e65a6fc8ba7e9d1d9fbe0b15e46b7adaca33d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://turfgenie.blogspot.com/
Origin: http://turfgenie.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49392
x-xss-protection: 0
server: cafe
etag: 11050327084158226554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 17:16:05 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 135ms
50ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:16:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 17:16:05 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 137ms
135ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4124775128185576567&zx=e3f97467-2e7b-4a9c-a4b6-eec1601cc3ce

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Jan 2023 17:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 17:16:05 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TURFGENIE.jpg
1.bp.blogspot.com/-YVCc8wjK9EY/YT81YXhRKWI/AAAAAAAAABY/B6vgrQmDdTAQn6GwhH43glAxawNrFBRpgCLcBGAsYHQ/s950/ 21 KB
21 KB 142ms
53ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YVCc8wjK9EY/YT81YXhRKWI/AAAAAAAAABY/B6vgrQmDdTAQn6GwhH43glAxawNrFBRpgCLcBGAsYHQ/s950/TURFGENIE.jpg

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c7f8089b0839e107c835d7d27d49839818591b2f698dd36b5e78c2ac3ebaff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v17"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TURFGENIE.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21060
x-xss-protection: 0
expires: Fri, 06 Jan 2023 17:16:05 GMT

GET
H/1.1 200
OK logo.gif
www.parishorse.net/ 8 KB
9 KB 130ms
46ms Image
image/gif 194.150.236.166
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.parishorse.net/logo.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns6.hiwit.net
Software: Apache /
Resource Hash: 01b97ce4a5da28b566410f8b253d259cdd615f9760d33678414c2b3a713eef93

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:05 GMT
Last-Modified: Mon, 09 Dec 2019 07:48:52 GMT
Server: Apache
ETag: "190dafe-2115-59940a06ce100"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 8469

GET
H/1.1

200
OK

exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain

http://img.root-top.com/topsite/exelturf/banner.gif
https://img.root-top.com/topsite/exelturf/banner.gif
http://lemagicienduturf.free.fr/images/exelturf.jpg

3 KB
3 KB

142ms
46ms

Image
image/jpeg

212.27.63.154
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lemagicienduturf.free.fr/images/exelturf.jpg
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 212.27.63.154 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: perso154-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:05 GMT
Last-Modified: Wed, 02 May 2018 06:53:13 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "600db35e2-aa5-5ae96059"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 2725

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBSzxA6PpcuUEy4IcQEPKQMWDzBAb7VzCgjuIU6uthnHv6a4Cnir08kBn%2BMxgoeo3H%2BkgqYAHDLX8lzE%2FbA48wW3FDS2K%2BlHPrzJY5EjoHgAPrFPWMVgm8qs2CmC%2FCH814v%2BTVZKWO7csPy78zO0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: http://lemagicienduturf.free.fr/images/exelturf.jpg
cf-ray: 784ddc17e88223f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

ASSEZDE%20GAIN1.gif
www.kriturf.lachezvos.pro/banniere/
Redirect Chain

http://img.root-top.com/topsite/assezdegain/banner.gif
https://img.root-top.com/topsite/assezdegain/banner.gif
http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif

5 KB
5 KB

147ms
51ms

Image
image/gif

46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 7053d08a8d3f455165a518bcff1df4f603bda6f19616a0e479dbfc39989b87ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Fri, 03 Feb 2017 19:12:15 GMT
server: Apache
x-iplb-request-id: 50FF0768:848A_2E6939A9:0050_63B705D5_46271:1D02A
x-iplb-instance: 17196
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 4905
expires: Thu, 05 Jan 2023 17:31:05 GMT

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsAbbpKSHBvD8j6gjfib5KDhjmqli1yxVsyb9l22bNLENaFyxPirpLOhH7f%2FrYb3dpopE98vhukNK35GUuAvjp99natfz7e9sR2WkGqDD1lPohNjuRkDGMwL%2Fr4Vz22p5dc50iMA3znnem0Fqkzm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif
cf-ray: 784ddc17e88723f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

banner.gif
img.root-top.com/topsite/astropmu/
Redirect Chain

http://img.root-top.com/topsite/astropmu/banner.gif
https://img.root-top.com/topsite/astropmu/banner.gif

3 KB
4 KB

144ms
63ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/astropmu/banner.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b75600812a4c9488493020fa0ff6e26724792bccb162fee8b78052062c07b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 12:57:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101921
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Liv0RTSPJ3dxzrn%2FxBNHtiibsVBUDeBS3cnShzsib3WOuT51oeE2%2Fo9%2F8jYXlt%2Fzg978wwDm9IEgZc4h%2FojmknF4pbKJdsvFBafn4w4mhzNsIkeuY4pUv2uRjawBzu%2Bc4qSdgb6tSKXUCQM5GBO%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 784ddc17e88423f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3217
expires: Sat, 07 Jan 2023 12:57:24 GMT

Redirect headers

Date: Thu, 05 Jan 2023 17:16:05 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoG%2F30nTmL5GksQ4i3v5%2Fwi0%2F0Mr2f8eSuUYh4DDATrWLlVywLwuf%2BppfEYAtpdvs6PrB8wzvPRBzrn6mA5e55grPLNfFtrMwjpO%2FX76eZqCUj0ngDu5OQtl4TIscQe%2BqmhUpywDku20BffE%2B631"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/astropmu/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 784ddc16caf571c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

01-turf0.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain

http://img.root-top.com/topsite/01turf/banner.gif
https://img.root-top.com/topsite/01turf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

105 KB
106 KB

155ms
48ms

Image
image/gif

2606:4700:3035::ac43:c4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1799735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107801
last-modified: Sun, 03 Dec 2017 21:54:18 GMT
server: cloudflare
etag: "5a24728a-1a519"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BugvaS62jzZVX0OI%2BCGT4icCg8vpo1GNFA%2BQEhemEhRL2eGUggUnku6KVWOUvKJOP73trzYs%2Bvp62ZGrr7XcnbQh3%2FnN3bcqRKh7nx3ymH1fe7XTuwdMtSwLkYn3TFzXqufh9m2k1BffGd4eCxni"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 784ddc196baa9a1e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B0tx3z8xtf%2FLKOD4W1EvEqLiZxF0vgfEG1YBeApsNmb7XIfmWSdQhVLwJSCTxy0nrh2A4fZuVOUewLT6pd6qLpwwN11gdKi709lFYIkDWM1D3Nmxfx58JA1Huw5xuB5MGtoY8bR7qxJiS5waueM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
cf-ray: 784ddc17e87e23f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain

http://img.root-top.com/topsite/topturfjs/banner.gif
https://img.root-top.com/topsite/topturfjs/banner.gif
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

21 KB
21 KB

43ms
42ms

Image
image/gif

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:20:56 GMT
x-content-type-options: nosniff
age: 10509
content-disposition: inline;filename="TOPSITE0.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21771
x-xss-protection: 0
server: fife
etag: "v122d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:58:18 GMT

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfXR7taY%2FZCM%2FCtpPm3jMIytSh%2FQBHcnEsKkZzIWZ8YZXN5G%2F%2Bp4lWgEy0%2B9gzp2TQbTOsCQRNu80nquQfQNrVEkw4rYZ%2FOvySK3OOxpPUJwauCxZbt75GfJfMVs0Cm62MIGxQ1ohHll%2BQabeNRE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray: 784ddc17e88023f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

pmuchmpi.gif
www.pmu-net.lachezvos.pro/image/
Redirect Chain

http://img.root-top.com/topsite/pmuchampion/banner.gif
https://img.root-top.com/topsite/pmuchampion/banner.gif
http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

9 KB
9 KB

168ms
50ms

Image
image/gif

2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Sun, 01 Dec 2019 13:31:47 GMT
server: Apache
x-iplb-request-id: 2A0104A0133800920000000000000006:9CF6_200141D0030100000000000000000020:0050_63B705D5_0338:2340F
x-iplb-instance: 38228
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 9008
expires: Thu, 05 Jan 2023 17:31:05 GMT

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDH7rbSLaUqEvt5BL5mE49kr0X0Qv1D9ucC63laTG5AmLDmlHdsgrQW0uGTHXLEI0PTwbsjs6zWhRwD0v4JD0dd4Vqixs%2FEr4v3S0OJJD0pzgtcMDzrek3xavpuLCDdZFDISVvMCs%2FZqu%2Bh2ffd%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
cf-ray: 784ddc17e88823f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

pmuturf_logo_root-top.gif
3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/
Redirect Chain

http://img.root-top.com/topsite/pmuturf/banner.gif
https://img.root-top.com/topsite/pmuturf/banner.gif
https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

11 KB
12 KB

56ms
39ms

Image
image/gif

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f319b9db9c7224703100306c2f048d7d1f75476f4184fc6a6083abc721270bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:11:00 GMT
x-content-type-options: nosniff
age: 305
content-disposition: inline;filename="pmuturf_logo_root-top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11769
x-xss-protection: 0
server: fife
etag: "v1abe"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 20 Dec 2022 13:33:59 GMT

Redirect headers

date: Thu, 05 Jan 2023 17:16:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FmteT2D%2Fc4kSOVAcW5tluPBZRH%2B2OZ35vJjU0rdU5Fg6xUlCOj4Fjrab5T1fF6pBGmp%2Fw%2FXmGnHnzmdG4k3%2BbIhkuoKgdSBM5PmSFn0MFJ%2FVA1XoGuPYR7GTs8Zm9TtI8NiJ3OpVX1qvD1NfzRC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=ISO-8859-1
location: https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif
cf-ray: 784ddc17e88623f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK PMUCH.gif
jeuxsurs.siteneti.net/image/ 37 KB
37 KB 110ms
49ms Image
image/gif 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jeuxsurs.siteneti.net/image/PMUCH.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Sat, 30 Nov 2019 14:57:16 GMT
server: Apache
x-iplb-request-id: 2A0104A0133800920000000000000006:DFA8_200141D0030100000000000000000028:0050_63B705D5_B129:223B8
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 37913
expires: Thu, 05 Jan 2023 17:31:05 GMT

GET
H/1.1 200
OK pmutrader.gif
www.pmu-trader.c4s.online/banniere/ 276 KB
276 KB 119ms
51ms Image
image/gif 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pmu-trader.c4s.online/banniere/pmutrader.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: ce387cb66fb54e6f1186263138a2438fe60fac2c82222a9de27adaeba6e276d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Tue, 16 May 2017 15:33:50 GMT
server: Apache
x-iplb-request-id: 50FF0768:8438_2E6939A9:0050_63B705D5_4187C:1D029
x-iplb-instance: 17196
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 282363
expires: Thu, 05 Jan 2023 17:31:05 GMT

GET
H/1.1 200
OK header.png
www.lepro-pmu.c4s.online/banniere/ 411 KB
411 KB 123ms
55ms Image
image/png 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lepro-pmu.c4s.online/banniere/header.png
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: ef769c1553249e2885e95ccc6d6e3f4e3a6c56dd7fb8039dd1512c1d5770300b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Wed, 05 Apr 2017 09:28:05 GMT
server: Apache
x-iplb-request-id: 50FF0768:843A_2E6939A9:0050_63B705D5_2D8BB:1D026
x-iplb-instance: 17196
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 420473
expires: Thu, 05 Jan 2023 17:31:05 GMT

GET
H/1.1 200
OK bann.gif
games-turf.siteneti.net/banniere/ 141 KB
141 KB 122ms
49ms Image
image/gif 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://games-turf.siteneti.net/banniere/bann.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: ca8e559d96d8249aa1b954a30305896f929a98b9210d1a57f7664319d4454c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Fri, 29 Nov 2019 14:03:47 GMT
server: Apache
x-iplb-request-id: 2A0104A0133800920000000000000006:DFB0_200141D0030100000000000000000028:0050_63B705D5_B769:223B9
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 143975
expires: Thu, 05 Jan 2023 17:31:05 GMT

GET
H/1.1 200
OK mini%20turf.jpg
www.mini-turf.c4s.online/banniere/ 278 KB
278 KB 199ms
130ms Image
image/jpeg 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mini-turf.c4s.online/banniere/mini%20turf.jpg
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
last-modified: Thu, 29 Mar 2018 09:10:41 GMT
server: Apache
x-iplb-request-id: 2A0104A0133800920000000000000006:9C9A_200141D0030100000000000000000020:0050_63B705D5_029B:162E0
x-iplb-instance: 38229
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 284220
expires: Thu, 05 Jan 2023 17:31:05 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 329 KB
99 KB 600ms
496ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fc2a74434e97b30ae759c9c3e1337440442408b25340b15ba02ab50031d5a74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f24061114460e
server-timing: "traceparent;desc="00-0000000000000000000f24061114460e-0228f856033efffb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 100607
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220038-HHN
traceparent: 00-0000000000000000000f24061114460e-736f62dce8fe9b09-01
x-timer: S1672938966.612577,VS0,VE459
etag: W/"188ff-6XGPHFBLBUkpF+nF+GDW22QLLIk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
283 B 90ms
88ms Image
image/gif 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 12:35:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 13:51:57 GMT
server: sffe
age: 535255
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 06 Jan 2023 12:35:10 GMT

GET
H2 200 ANbyha2WVo3Gj0IPx20rDuCk-6y3vymvdaFlnWDOedbnjSok0k8wJ0PYZAuUlYqRN0ND8Z8gMoUsDnLh1tZmCWpJ17hPLwArnw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 132ms
47ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2WVo3Gj0IPx20rDuCk-6y3vymvdaFlnWDOedbnjSok0k8wJ0PYZAuUlYqRN0ND8Z8gMoUsDnLh1tZmCWpJ17hPLwArnw=w72-h72-p-k-no-nu

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75a98359907d89c37f29c1ef75bc1bc1d6026ee55aa7dc92b89dba110737f1c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3107
x-xss-protection: 0
expires: Fri, 06 Jan 2023 17:16:05 GMT

GET
H/1.0 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ 5 KB
2 KB 110ms
56ms Script
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&popinto=1
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.0
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: e23bef528e2f8d8e3b06af8a8f64a8d979ea91b0e5b42476dba6c0b6dc007eea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:14:54 GMT
Content-Encoding: gzip
Via: 1.1 212-83-183-115.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-183-115.rev.poneytelecom.eu:80
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
X-Cache: MISS from 212-83-183-115.rev.poneytelecom.eu
Content-Type: text/html
Connection: close

GET
H/1.1 200
OK cookienotice.js Show response
turfgenie.blogspot.com/js/ 6 KB
3 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://turfgenie.blogspot.com/js/cookienotice.js

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Jan 2023 16:53:09 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Thu, 12 Jan 2023 17:16:05 GMT

GET
H2 200 3675762886-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
153 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3675762886-widgets.js

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 02:45:16 GMT
x-content-type-options: nosniff
age: 311449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156297
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 22:50:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 02 Jan 2024 02:45:16 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 173 KB
57 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 21:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57913
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 21:04:42 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 104ms
53ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

HTTP/1.1

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 19:14:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 79313
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Wed, 18 Jan 2023 19:14:12 GMT

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600
https://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600

128 KB
128 KB

81ms
80ms

Image
image/jpeg

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

276cd8084affdf9e5d659035fd95e90bf187c4945d92aa1aead549f164e1d5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130673
x-xss-protection: 0
expires: Fri, 06 Jan 2023 17:16:05 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 17:16:05 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg_black_50.png
resources.blogblog.com/blogblog/data/1kt/travel/ 83 B
221 B 105ms
105ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/travel/bg_black_50.png

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad5d8cd8999e56275e12e5a5325b108bd15146fefe072af726fffecfe6ab862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:24:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 22:51:12 GMT
server: sffe
age: 539517
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 06 Jan 2023 11:24:08 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 5C31 7 KB
3 KB 151ms
150ms Document
text/html 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=4124775128185576567&blogName=TURF+GENIE&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://turfgenie.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://turfgenie.blogspot.com/&vt=3202043039699702454&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

72aa4bb34a2df5b8e8b5c14d1f4bf294b08820a754a6ad8313f02af4683e003a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2579
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 05 Jan 2023 17:16:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 218ms
114ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5241295165143928&plah=turfgenie.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5241295165143928&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a005e4acf7d61bb526d2a07af927f58771a4689a54500b9bc4bc773d5f5ae7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119968
x-xss-protection: 0
server: cafe
etag: 7768787400212219866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 17:16:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 05EA 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5241295165143928&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 12:50:05 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 12:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 572ms
571ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4124775128185576567&zx=e3f97467-2e7b-4a9c-a4b6-eec1601cc3ce

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Jan 2023 17:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 17:16:06 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 5C31 54 KB
20 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4124775128185576567&blogName=TURF+GENIE&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://turfgenie.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://turfgenie.blogspot.com/&vt=3202043039699702454&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:16:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e203b3eb7c1b4f6d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 17:16:05 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 5C31 907 B
930 B 38ms
38ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 07:35:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 12:50:49 GMT
server: sffe
age: 380434
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 08 Jan 2023 07:35:31 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 5C31 117 B
140 B 39ms
39ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 13:56:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Jan 2023 00:49:49 GMT
server: sffe
age: 357601
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 08 Jan 2023 13:56:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 5C31 126 KB
42 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 13:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 13:14:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
695 B 133ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=turfgenie.blogspot.com&callback=_gfp_s_&client=ca-pub-5241295165143928&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5241295165143928&plah=turfgenie.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecc9b566c3885deb0a25729d2cf367287ee692823313ca0da230b1dd5c4de2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 159ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turfgenie.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turfgenie.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BF8 603 B
68 B 395ms
316ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5241295165143928&output=html&adk=1812271804&adf=3025194257&lmt=1672912484&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1672938965620&bpp=3&bdt=359&idt=337&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7155862526276&frm=20&pv=2&ga_vid=1823319913.1672938966&ga_sid=1672938966&ga_hid=1942018813&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C44768832%2C44778780%2C44780792&oid=2&pvsid=1297075508849850&tmod=795528061&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:16:06 GMT
expires: Thu, 05 Jan 2023 17:16:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 41ms
41ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=turfgenie.blogspot.com&t=xo&v=5.0.344&source=payments_sdk&client_id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ppbltFVFg7Iy71n6cHymk7a93gKfYFKNxfBkT43e3f6JX1cy' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ppbltFVFg7Iy71n6cHymk7a93gKfYFKNxfBkT43e3f6JX1cy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47
x-cache: HIT
paypal-debug-id: f5284805437e5
server-timing: "traceparent;desc="00-0000000000000000000f5284805437e5-695b62ef20e2c4b8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220038-HHN
traceparent: 00-0000000000000000000f5284805437e5-2512a69756993ef7-01
x-timer: S1672938966.175884,VS0,VE4
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET buttons
www.paypal.com/smart/ Frame 0EAF 0
0

GET
DATA 200
OK truncated
/ Frame 6CB1 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CB1 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CB1 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CB1 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CB1 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 39ms
39ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:56:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Dec 2022 20:50:15 GMT
server: sffe
age: 458397
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 07 Jan 2023 09:56:09 GMT

GET
DATA 200
OK truncated
/ Frame A129 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A129 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A129 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A129 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A129 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET buttons
www.paypal.com/smart/ Frame CF6C 0
0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1006 B
2 KB 269ms
269ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d0af3ebc6e43040b3ddd63790393af83727966bd6b4dc90631a7fdcad003b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f93627069e60e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f93627069e60e-308b0464e82d6fbb-01
x-timer: S1672938967.658078,VS0,VE208
etag: W/W/"3ee-0OUk1jNzi9Cx2aaHS0q9ZE9hQoc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 326ms
251ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f2406111f9942
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2406111f9942-054745427ed5d764-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938966.385553,VS0,VE212

GET
DATA 200
OK truncated
/ Frame C268 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C268 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C268 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C268 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C268 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET buttons
www.paypal.com/smart/ Frame E1A7 0
0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 335ms
334ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eba4c9a1d3ab74e68c259142a3df69565ccd941026d717c411beb14a8f5fbe14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f9362706409f7
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f9362706409f7-d3884addfab8aab4-01
x-timer: S1672938967.631209,VS0,VE282
etag: W/W/"3f7-iTx9nLhzw1flUqQ/VIwT5lCBArk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
445 B 353ms
209ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=TURF%20GENIE&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672938966364&g=0&completeurl=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ru=http%3A%2F%2Fturfgenie.blogspot.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3711) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:16:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3711)
traceparent: 00-0000000000000000000a1dbd55768643-5b633f7012b0fc28-01
content-type: image/gif
paypal-debug-id: a1dbd55768643
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 05 Jan 2023 17:16:06 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
442 B 349ms
206ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=TURF%20GENIE&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672938966365&g=0&completeurl=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ru=http%3A%2F%2Fturfgenie.blogspot.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35F2) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:16:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35F2)
traceparent: 00-00000000000000000005ce93be5e0d2b-0fa678980df3fa6c-01
content-type: image/gif
paypal-debug-id: 5ce93be5e0d2b
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 05 Jan 2023 17:16:06 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
447 B 334ms
196ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=TURF%20GENIE&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672938966369&g=0&completeurl=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ru=http%3A%2F%2Fturfgenie.blogspot.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/358C) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:16:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/358C)
traceparent: 00-000000000000000000086f62f1dda8b9-64e1890b03740388-01
content-type: image/gif
paypal-debug-id: 86f62f1dda8b9
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 05 Jan 2023 17:16:06 GMT

GET
DATA 200
OK truncated
/ Frame B71C 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B71C 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B71C 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B71C 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B71C 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 264B 411 KB
155 KB 422ms
422ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edc9c56cf1a98fa4fb4a1c4012130fc243ecaa14b964c40b6cdaf1d5facd693f

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"66af5-hCT6KyFvWlMB64upcnlGBbmi4oU"
p3p: true
paypal-debug-id: f9362700663dd
server-timing: "traceparent;desc="00-0000000000000000000f9362700663dd-ac95810333847288-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9362700663dd-dd533c811ce90ca1-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220038-HHN
x-timer: S1672938967.507745,VS0,VE378
x-xss-protection: 1; mode=block

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1019 B
2 KB 239ms
237ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a1b71cc3537502882c1eff94cf509d58450b2e1e486db479e13ec83d2ef1724

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f936270f8597c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f936270f8597c-00b32282c6e2345c-01
x-timer: S1672938967.710769,VS0,VE194
etag: W/W/"3fb-sezdFZNQIauACEQRnMQP79X0VrU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
734 B 258ms
191ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=TURF%20GENIE&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672938966441&g=0&completeurl=http%3A%2F%2Fturfgenie.blogspot.com%2F%3Fm%3D1&ru=http%3A%2F%2Fturfgenie.blogspot.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35F8) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 17:16:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35F8)
traceparent: 00-0000000000000000000763c1c5163272-0c7d06d7db7cc076-01
content-type: image/gif
paypal-debug-id: 763c1c5163272
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 05 Jan 2023 17:16:06 GMT

GET
H/1.1 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ Frame CECF 2 KB
1 KB 268ms
53ms Document
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&affc=1&s=0
Requested by: Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&popinto=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 443d73da9a31bdb5ff5dd772138851c0e90eec850136703a69b76b8b5292d25a

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 05 Jan 2023 17:14:56 GMT
Keep-Alive: timeout=15, max=100
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ Frame 7C79 2 KB
1 KB 270ms
54ms Document
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&affc=1&s=0
Requested by: Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&popinto=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 443d73da9a31bdb5ff5dd772138851c0e90eec850136703a69b76b8b5292d25a

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 05 Jan 2023 17:14:56 GMT
Keep-Alive: timeout=15, max=100
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK transp.gif
www.allosponsor.com/images/ 49 B
340 B 327ms
47ms Image
image/gif 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allosponsor.com/images/transp.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:14:56 GMT
Last-Modified: Thu, 18 Dec 2008 10:28:48 GMT
Server: Apache/2.2.22 (Debian)
ETag: "3803d3-31-45e4fa86d3800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 49

GET
H/1.1 200
OK closeb.gif
www.allosponsor.com/images/ 706 B
999 B 333ms
48ms Image
image/gif 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allosponsor.com/images/closeb.gif
Requested by: Host: turfgenie.blogspot.com
URL: http://turfgenie.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:14:56 GMT
Last-Modified: Sat, 20 Dec 2008 14:28:55 GMT
Server: Apache/2.2.22 (Debian)
ETag: "380380-2c2-45e7b3ed557c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 706

GET
H/1.1 200
OK stats Show response
turfgenie.blogspot.com/b/ 410 B
563 B 218ms
217ms XHR
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://turfgenie.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCc86hLDyKg2NYJ8wys0-mGxYUMQCc3llrtEBiX3j-YuqOr38T12o-v5vaoVoUUbDiaGUBeatVRJ6mNZ-i4RhpumgUQGA

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3675762886-widgets.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43ec4cb702fd1df5902ade23c8ab91605ae2ea03b9e3ccf5510dd15551fe5132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 268
X-XSS-Protection: 1; mode=block
Expires: Thu, 05 Jan 2023 17:16:06 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1013 B
2 KB 215ms
215ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f2dfb884d4cf8da5094b4f2adacd7b0d4a2f2881ddb49b12dde71f47cf31ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f936270aceca4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f936270aceca4-6b340cf37775683f-01
x-timer: S1672938967.712255,VS0,VE177
etag: W/W/"3f5-WFc6tyZRAwxkLxwICZ/5ze7Jdg8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 276ms
274ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f1e3d32c71aa3083b2c7c3a4960ec99602aa34d165c5e7193151d4fe51b3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f9362701f8bcb
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f9362701f8bcb-3d467b1ed3bb8af7-01
x-timer: S1672938967.683371,VS0,VE235
etag: W/W/"3f7-mwCL0J70/g5MYGsQrIHwvjXApJw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 242ms
233ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f240611ff6c74
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f240611ff6c74-34506ff74238ee3c-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938966.385520,VS0,VE193

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 250ms
249ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f240611b7812b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f240611b7812b-446cd66a184789d4-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938966.453140,VS0,VE210

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 231ms
230ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f24061128f5b2
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f24061128f5b2-eeff7c9b3e1a9c7a-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938966.479872,VS0,VE192

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 198ms
198ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f24061137344a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f24061137344a-b4bdff3643e817df-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938966.480232,VS0,VE161

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
2 KB 216ms
215ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44ee3f1fc4d70f39fb90bfb7e7fccda3406a77dbf486eb071a6333fc1791bd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f93627008eafd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f93627008eafd-13379cf3d5be9b39-01
x-timer: S1672938967.797337,VS0,VE175
etag: W/W/"3ec-h6a7duYfFBRZhQw3CAiXYniAkFg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 269ms
269ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f936270d5045c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f936270d5045c-6aa3daa770a62925-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938967.521048,VS0,VE219

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1013 B
1 KB 253ms
252ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3758b241e93a47813cfff5edd11c7546c48706e6560401b9df8b9a56f968896

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f936270411679
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f936270411679-ac353d4e6a17f6f0-01
x-timer: S1672938967.756616,VS0,VE211
etag: W/W/"3f5-HM5u+XLi0My48ahLsqk3yY63B6Y"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 224ms
224ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:06 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f936270d428e9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f936270d428e9-b2c84da0dbad2fb0-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938967.531267,VS0,VE185

GET
H3 200 stats-flipper.png
www.blogger.com/img/widgets/ 233 B
256 B 39ms
37ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/widgets/stats-flipper.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 13:20:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 10:51:45 GMT
server: sffe
age: 14139
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Jan 2023 13:20:27 GMT

GET
H/1.1 200
OK turfmagique2.gif
www.turfmagique.fr/logos/ Frame CECF 12 KB
12 KB 224ms
49ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfmagique.fr/logos/turfmagique2.gif

Requested by

Host: www.allosponsor.com
URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&type=1&affc=1&s=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

69c670018407a9d6f8df69551c158915c0916cd8c48a714d4c89cb160072362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allosponsor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:06 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Wed, 20 Oct 2021 06:15:48 GMT
Server: Apache
ETag: "2611253-2e90-5cec2b5862d00"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 11920

GET
H/1.1 200
OK turfmagique2.gif
www.turfmagique.fr/logos/ Frame 7C79 12 KB
12 KB 223ms
52ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfmagique.fr/logos/turfmagique2.gif

Requested by

Host: www.allosponsor.com
URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88612&affc=1&s=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

69c670018407a9d6f8df69551c158915c0916cd8c48a714d4c89cb160072362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allosponsor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:06 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Wed, 20 Oct 2021 06:15:48 GMT
Server: Apache
ETag: "2611253-2e90-5cec2b5862d00"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 11920

GET
DATA 200
OK truncated
/ Frame 264B 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 264B 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 264B 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 264B 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 264B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 264B 329 KB
99 KB 40ms
38ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fc2a74434e97b30ae759c9c3e1337440442408b25340b15ba02ab50031d5a74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-S4UqEeJGlyNVhQcdE/VX5sd99SgiPVqws2osx1zzOkhbtMBh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 17:16:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: f24061114460e
server-timing: "traceparent;desc="00-0000000000000000000f24061114460e-0228f856033efffb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 100607
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220038-HHN
traceparent: 00-0000000000000000000f24061114460e-736f62dce8fe9b09-01
x-timer: S1672938967.081525,VS0,VE2
etag: W/"188ff-6XGPHFBLBUkpF+nF+GDW22QLLIk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 264B 58 KB
20 KB 60ms
40ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 74900
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jan 2023 17:16:07 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 264B 1000 B
873 B 616ms
615ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdaaa865b055292404301ff34bb8e21543980b5553f4c25d7d1c00545a5013bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f635624e0cf91
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220038-HHN
traceparent: 00-0000000000000000000f635624e0cf91-37184ce90251a3d9-01
x-timer: S1672938968.890760,VS0,VE574
etag: W/W/"3e8-kXCamjZi18uYPhpF8iLiFa1bghQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 2449 160 B
1 KB 214ms
213ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E2) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 493a90ee71651
date: Thu, 05 Jan 2023 17:16:07 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 493a90ee71651
server: ECAcc (lhd/35E2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000493a90ee71651-bccf20ffa2865fc1-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame A2D3
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS

42 B
299 B

205ms
70ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 17:16:08 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS
Date: Thu, 05 Jan 2023 17:16:08 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 2449 58 KB
20 KB 41ms
40ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 74901
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jan 2023 17:16:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 216ms
101ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aae4e91cf989233fa648e1d63de18697c3c0036e8201934310ab8d8820dd9b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11094
x-xss-protection: 0

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 2449 125 B
757 B 321ms
321ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3716) /

Resource Hash

9001747d82d3877d5ba9b7016c67b999ed0bf8ac30b0708d11eb1a2755adce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: aba119c077155
server: ECAcc (lhd/3716)
traceparent: 00-0000000000000000000aba119c077155-6e857db7fdbb3753-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: aba119c077155
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 2449 0
230 B 219ms
219ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 7e0426baafd89
server: ECAcc (lhd/35E6)
traceparent: 00-00000000000000000007e0426baafd89-94fe4fa60daef7db-01
paypal-debug-id: 7e0426baafd89
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 2449 0
336 B 377ms
226ms Image
text/plain 2606:2800:233:ce53:4396:b914:64c2:638e
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_7848ed5f05_mtc6mty6mdy&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35FE) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:07 GMT
content-encoding: gzip
correlation-id: c8aab616b5f0f
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35FE)
traceparent: 00-0000000000000000000c8aab616b5f0f-771155f7fca0a7b1-01
vary: Accept-Encoding
paypal-debug-id: c8aab616b5f0f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 264B 1012 B
2 KB 220ms
213ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8dcd6a81afc45fc0fc34d9a46a4446a3fef7b266383c608d5b40bc32933f1ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_c1b7663933_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f635624e82718
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220038-HHN
traceparent: 00-0000000000000000000f635624e82718-8b2a28e8557f9ad5-01
x-timer: S1672938968.238704,VS0,VE175
etag: W/W/"3f4-xSiWpAPb2hiEMjkLymlwTu8MZno"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
2 KB 312ms
310ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

929ea12b188336eafaed795fe17043364fc2068e7d2c142b85652c642bad6e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f63562482d959
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f63562482d959-0d8fa48dd655cb65-01
x-timer: S1672938968.483745,VS0,VE262
etag: W/W/"3ec-uZIN5Y3v6b77ZQBXWLakMoPzoao"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1013 B
2 KB 241ms
235ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

475f86d1439f2b14981c6f722f3778618c14bd80e20959ce47f9c462b691f0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f635624382c9b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f635624382c9b-c972fd7dcf443f95-01
x-timer: S1672938968.482546,VS0,VE197
etag: W/W/"3f5-ljJRWObYM6RKGBH0yjH4cP3tCUo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
1 KB 249ms
237ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0429a12aefa26d10e692153a57334377c0337db85376f8eb2cb16116f73bdd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f5865336590f6
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f5865336590f6-b7261f98019d0427-01
x-timer: S1672938969.519772,VS0,VE194
etag: W/W/"3ec-VE+b/b7C0AYywqjPhh0b5+uuX8o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1002 B
2 KB 211ms
210ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&enable-funding=venmo&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ba477783a11bd8da7d7032597009596dccf3b0c7f4607a8826397ba0ba53f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://turfgenie.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f58653366dd6c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f58653366dd6c-9b32042f35893feb-01
x-timer: S1672938969.548499,VS0,VE172
etag: W/W/"3ea-JJ3G/CNcTYNAeOgeZL7SR0f8tiI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 242ms
235ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:08 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f63562482653e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f63562482653e-11fde580b38aa15f-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938968.244100,VS0,VE195

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 232ms
225ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:08 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f63562451dd55
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f63562451dd55-191207ce9fdee5f2-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938968.243780,VS0,VE187

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 260ms
255ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:08 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f635624529061
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f635624529061-1b3332dbd590d3f4-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938968.243497,VS0,VE213

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 289ms
283ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://turfgenie.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://turfgenie.blogspot.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 17:16:08 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f635624b19d65
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f635624b19d65-acff0efaf301c66c-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1672938968.243477,VS0,VE237

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 151ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 17:16:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4CD 13 KB
5 KB 149ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:07:14 GMT
expires: Fri, 05 Jan 2024 17:07:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 011D 783 B
1 KB 156ms
55ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ae716ab39ada8eaa4b26460fc1b62d2bd5e5d973a33ee4533e379ee3300170e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lplJNcct8MLQgSnQ3qZOMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://turfgenie.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-lplJNcct8MLQgSnQ3qZOMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 17:16:08 GMT
expires: Thu, 05 Jan 2023 17:16:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame B4CD 36 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 011D 0
0 83ms
82ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1297075508849850&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B4CD 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i7FLjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:16:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1297075508849850&bg=!6-il6KzNAAYDMoyoIzI7ACkAdvg8WhVp5RQtC4GdpjNgZ7tr9Ds5dUDWDYXRnmZX4kxxyXK2tUOu_QIAAABPUgAAAANoAQcKAAl6aaB-g0mcDcmZArTNYb-TIrFfGX_aM2L2pF5o-4hja6xeqkZ4gxd5fcHgnynrHFv9gbLW6wF7Cr4sPo89RlN_aP3ylDx7j-Y_cjybp5fBXW_8F5q8OCey7bOMhGjbzIBg6lVzzQLn8jaFzXFXHf-YN4ulp-IZb2vSuWmw7HkKUCGjLJ_c-zmAWGbchWBkBS-N7Nh46bR_FJz4hJg2xb084yP500wB37WKEnkxZk8Fc1SrolAiZZ3Q9zznwRI00S6qB60OCx5hm8FgUsT3vFV5Zyo6BIueSHXXAzO-WCH0-YcHoCTvCVvVyt0wJuOm0uQXC3vCgenqfI2hhCuLY6QWRolFJ3mj_9Pis8BHzZOuDuV6yh6ojQI01S9dKeFwQ6zroPWtBiyhWzcqpd8SjEdrsWq_Z2bLkcX_tW4diNBLivGlD7-9UYtrEFavEfHyONnJULcfdsmj6LDfGt9TftBcWIw7rHQCDblZHGUbw9rI5S0dnlLZAHdg2tLpunDMZ5HBfsoZdsZwXUUeRAGsSFG5TXUkXlVJVkgoWvRzXN7VYhvYUG5E5EKvt3zN6h2_9QBN3Earwot260dqv84a3xJhAaJt4dnHz5P6xELwnEmSQxyzV0-iK3b1ZA93Rt1VzCiee0baw_P2zvPwPTPL411h38r_sctJQHu6nb8xR3VoE-mP2btRTea5CSZnMv7hmD1oYQRQN-Fm4NtSK3V8CqDWqHHSBLDGE3jnet4wTj-pWu2a0ysajHbXJG567HcFS-PlSoJAsrMXWNk2oQ0iO-XHlR3UJe0k2MiHy083zmm9Y5WeYkyMZGXFjb8euzNDvnYeJrY8YgeANPAW7qdQzjyAN1oHcovhPcyohA9bnFTVNmHtMw2TMSV-60_Lc1AAKfhnrMlK7IfaS8P97EOUOAv8rYWaiqChj5R2SdSLSclutg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://turfgenie.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_ae11682d32_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Domain: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_7d84ad8b1c_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Domain: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRxTURQQWp0YklrWk8xNWZ5N3g1M1hCMElHYXlzLTRTekpOSERUZnpKQ0ZIQ1VDNHRrM1RCYjNTaWx3Z2I5QlY1YzhSN3BkdmdacXdjMDYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=ATqMDPAjtbIkZO15fy7x53XB0IGays-4SzJNHDTfzJCFHCUC4tk3TBb3Silwgb9BV5c8R7pdvgZqwc06&sdkCorrelationID=04b2560a24349&storageID=uid_ce61501f6c_mtc6mty6mdy&sessionID=uid_7848ed5f05_mtc6mty6mdy&buttonSessionID=uid_086f30fdd6_mtc6mty6mdy&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 08:42:19	Name: test_cookie Value: CheckForPermission
.paypal.com/	1970-01-20 08:42:20	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 18:18:18	Name: ts_c Value: vr%3D82eece601850a2d141113387fb728263%26vt%3D82eece601850a2d141113387fb728262
.paypal.com/	1970-01-20 17:27:54	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 08:42:50	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 08:46:38	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 18:18:18	Name: ts Value: vreXpYrS%3D1767633368%26vteXpYrS%3D1672940768%26vr%3D82eece601850a2d141113387fb728263%26vt%3D82eece601850a2d141113387fb728262%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3MjkzODk2ODM5MSIsImwiOiIwIiwibSI6IjAifQ
.c.paypal.com/	1970-01-20 18:18:18	Name: sc_f Value: sFYS41VfCYJIMPnBoXS7finRVP2rIp48XmCRmDFgwMoaymGh4IwoQqzn331xB2-iSTDPArkeTzpeMkP84fZXBNjGsXBZ3Glcycv_4W
.paypal.com/	1970-01-20 18:18:18	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: II0-xUcapF_87Vtuh-CjfEGwTC0NKoS9UZTbd6WPQELPdgGKokrD9C7izhuo_KlZ6HL_lp1zXM6wuabm

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
apis.google.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
games-turf.siteneti.net
googleads.g.doubleclick.net
img.root-top.com
jeuxsurs.siteneti.net
lemagicienduturf.free.fr
lh3.googleusercontent.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
t.paypal.com
themes.googleusercontent.com
tpc.googlesyndication.com
turfgenie.blogspot.com
www.allosponsor.com
www.blogger.com
www.google.com
www.kriturf.lachezvos.pro
www.lepro-pmu.c4s.online
www.mega-turf.fr
www.mini-turf.c4s.online
www.parishorse.net
www.paypal.com
www.pmu-net.lachezvos.pro
www.pmu-trader.c4s.online
www.turfmagique.fr
www.paypal.com
151.101.129.21
192.229.221.25
194.150.236.166
194.150.236.236
2001:41d0:301::20
2001:41d0:301::28
212.27.63.154
212.83.183.115
2606:2800:233:ce53:4396:b914:64c2:638e
2606:4700:3035::ac43:c4a5
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:800::2001
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2009
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:400d:802::2002
46.105.57.169
64.4.245.84
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01b97ce4a5da28b566410f8b253d259cdd615f9760d33678414c2b3a713eef93
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
0429a12aefa26d10e692153a57334377c0337db85376f8eb2cb16116f73bdd08
05b75600812a4c9488493020fa0ff6e26724792bccb162fee8b78052062c07b1
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637
07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6
116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6
18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
23aad6d6b4e5132ef6c27ad484e65a6fc8ba7e9d1d9fbe0b15e46b7adaca33d6
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
276cd8084affdf9e5d659035fd95e90bf187c4945d92aa1aead549f164e1d5c1
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca
2a1b71cc3537502882c1eff94cf509d58450b2e1e486db479e13ec83d2ef1724
2f1e3d32c71aa3083b2c7c3a4960ec99602aa34d165c5e7193151d4fe51b3840
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b
3c7f8089b0839e107c835d7d27d49839818591b2f698dd36b5e78c2ac3ebaff1
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
43ec4cb702fd1df5902ade23c8ab91605ae2ea03b9e3ccf5510dd15551fe5132
443d73da9a31bdb5ff5dd772138851c0e90eec850136703a69b76b8b5292d25a
44ee3f1fc4d70f39fb90bfb7e7fccda3406a77dbf486eb071a6333fc1791bd2c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475f86d1439f2b14981c6f722f3778618c14bd80e20959ce47f9c462b691f0d3
4ae716ab39ada8eaa4b26460fc1b62d2bd5e5d973a33ee4533e379ee3300170e
4ba477783a11bd8da7d7032597009596dccf3b0c7f4607a8826397ba0ba53f82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fc2a74434e97b30ae759c9c3e1337440442408b25340b15ba02ab50031d5a74
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c670018407a9d6f8df69551c158915c0916cd8c48a714d4c89cb160072362d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7053d08a8d3f455165a518bcff1df4f603bda6f19616a0e479dbfc39989b87ad
72aa4bb34a2df5b8e8b5c14d1f4bf294b08820a754a6ad8313f02af4683e003a
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
75a98359907d89c37f29c1ef75bc1bc1d6026ee55aa7dc92b89dba110737f1c0
853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae
8ad5d8cd8999e56275e12e5a5325b108bd15146fefe072af726fffecfe6ab862
8dcd6a81afc45fc0fc34d9a46a4446a3fef7b266383c608d5b40bc32933f1ec4
9001747d82d3877d5ba9b7016c67b999ed0bf8ac30b0708d11eb1a2755adce95
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c
929ea12b188336eafaed795fe17043364fc2068e7d2c142b85652c642bad6e89
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9d0af3ebc6e43040b3ddd63790393af83727966bd6b4dc90631a7fdcad003b3c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ecc9b566c3885deb0a25729d2cf367287ee692823313ca0da230b1dd5c4de2e
9f2dfb884d4cf8da5094b4f2adacd7b0d4a2f2881ddb49b12dde71f47cf31ee2
a005e4acf7d61bb526d2a07af927f58771a4689a54500b9bc4bc773d5f5ae7ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa
aae4e91cf989233fa648e1d63de18697c3c0036e8201934310ab8d8820dd9b55
aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
be9a526d6efe93f2079b728546e1eecfe638b8e70eef74ed31ebaec64ef5c408
ca8e559d96d8249aa1b954a30305896f929a98b9210d1a57f7664319d4454c77
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce387cb66fb54e6f1186263138a2438fe60fac2c82222a9de27adaeba6e276d5
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
d3758b241e93a47813cfff5edd11c7546c48706e6560401b9df8b9a56f968896
def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e23bef528e2f8d8e3b06af8a8f64a8d979ea91b0e5b42476dba6c0b6dc007eea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba4c9a1d3ab74e68c259142a3df69565ccd941026d717c411beb14a8f5fbe14
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
edc9c56cf1a98fa4fb4a1c4012130fc243ecaa14b964c40b6cdaf1d5facd693f
ef769c1553249e2885e95ccc6d6e3f4e3a6c56dd7fb8039dd1512c1d5770300b
f319b9db9c7224703100306c2f048d7d1f75476f4184fc6a6083abc721270bbc
fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a
fdaaa865b055292404301ff34bb8e21543980b5553f4c25d7d1c00545a5013bb

turfgenie.blogspot.com Open in urlscan Pro 2a00:1450:4001:800::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

77 %HTTPS

68 %IPv6

19 Domains

35 Subdomains

25 IPs

4 Countries

2485 kBTransfer

4095 kBSize

10 Cookies

85 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

turfgenie.blogspot.com Open in urlscan Pro
2a00:1450:4001:800::2001 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

77 %
HTTPS

68 %
IPv6

19
Domains

35
Subdomains

25
IPs

4
Countries

2485 kB
Transfer

4095 kB
Size

10
Cookies

99 HTTP transactions
25 data transactions