turfvoyance.blogspot.com Open in urlscan Pro
2a00:1450:4001:827::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turfvoyance.blogspot.com/?m=1
Submission: On September 29 via manual (September 29th 2021, 7:18:22 pm UTC) from FR — Scanned from DE

Summary HTTP 53 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 53 HTTP transactions. The main IP is 2a00:1450:4001:827::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is turfvoyance.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on September 13th 2021. Valid for: 2 months.

This is the only time turfvoyance.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:809::2009	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	51.254.50.144 51.254.50.144	16276 (OVH) (OVH)
1	2001:41d0:a:7... 2001:41d0:a:7c5c::	16276 (OVH) (OVH)
2	213.246.57.128 213.246.57.128	21409 (IKOULA) (IKOULA)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.254.1.54 178.254.1.54	42730 (EVANZOAS) (EVANZOAS)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	13.32.29.107 13.32.29.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:801::200e	15169 (GOOGLE) (GOOGLE)
4 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
53	18

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

turfvoyance.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.254.50.144 (France)

ASN16276 (OVH, FR)
PTR: ip144.ip-51-254-50.eu

www.maxannu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:a:7c5c:: (France)

ASN16276 (OVH, FR)

www.top-france.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.246.57.128 (France)

ASN21409 (IKOULA, FR)
PTR: www.allosponsor.com

www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital

www.zeitverschiebung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-107.fra56.r.cloudfront.net

cdn0.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:801::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googleusercontent.com lh5.googleusercontent.com lh4.googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	143 KB
11	google.com 5 redirects apis.google.com accounts.google.com www.google.com	177 KB
7	blogger.com 1 redirects www.blogger.com	199 KB
4	blogspot.com turfvoyance.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	66 KB
3	pronostic-facile.fr www.pronostic-facile.fr cdn0.pronostic-facile.fr	9 KB
3	blogblog.com resources.blogblog.com	1010 B
2	google-analytics.com www.google-analytics.com	39 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	46 KB
2	hebdotop.com www.hebdotop.com	945 B
2	paypalobjects.com www.paypalobjects.com	4 KB
1	zeitverschiebung.net www.zeitverschiebung.net	2 KB
1	top-france.com www.top-france.com	2 KB
1	maxannu.com www.maxannu.com	7 KB
53	15

	Domain	Requested by
7	www.blogger.com	1 redirects turfvoyance.blogspot.com www.blogger.com apis.google.com
6	apis.google.com	turfvoyance.blogspot.com apis.google.com www.blogger.com
6	lh3.googleusercontent.com	turfvoyance.blogspot.com www.blogger.com
4	www.google.com	4 redirects
4	lh4.googleusercontent.com	turfvoyance.blogspot.com
3	resources.blogblog.com	turfvoyance.blogspot.com
3	lh6.googleusercontent.com	turfvoyance.blogspot.com
3	lh5.googleusercontent.com	turfvoyance.blogspot.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.pronostic-facile.fr www.zeitverschiebung.net
2	www.pronostic-facile.fr	turfvoyance.blogspot.com www.pronostic-facile.fr
2	www.hebdotop.com	turfvoyance.blogspot.com
2	www.paypalobjects.com	turfvoyance.blogspot.com
2	turfvoyance.blogspot.com	turfvoyance.blogspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	www.zeitverschiebung.net
1	fonts.googleapis.com	www.zeitverschiebung.net
1	cdn0.pronostic-facile.fr	www.pronostic-facile.fr
1	accounts.google.com	1 redirects
1	www.gstatic.com	apis.google.com
1	www.zeitverschiebung.net	turfvoyance.blogspot.com
1	1.bp.blogspot.com	turfvoyance.blogspot.com
1	www.top-france.com	turfvoyance.blogspot.com
1	www.maxannu.com	turfvoyance.blogspot.com
1	3.bp.blogspot.com	turfvoyance.blogspot.com
53	25

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.succes-turf.com
www.rapidoweb.free.fr
www.maxannu.com
www.top-france.com
www.hebdotop.com
www.zeitverschiebung.net

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
maxannu.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
top-france.com R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
www.hebdotop.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-09` - `2022-02-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
zeitverschiebung.net R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.pronostic-facile.fr Amazon	`2020-11-29` - `2021-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://turfvoyance.blogspot.com/?m=1
Frame ID: 4522F1D4AE18934F68A32C2784DF9D31
Requests: 34 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
Frame ID: 1ED8A541A5550851ED7E22B60D049C36
Requests: 6 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Frame ID: 3B23EDABBA1FAE744833B951E62DC66F
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
Frame ID: 9A53B2970C15E0397CFC9A47E97A98E3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turfvoyance: le site de référenceTurfvoyance: le site de référence pronostic 100% fiable

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

803 kB
Transfer

1599 kB
Size

1
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/12604722461568637656
Title: Turfvoyance

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=5396323014867624850

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=5396323014867624850&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=5396323014867624850&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=5396323014867624850&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=5396323014867624850&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=5396323014867624850&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=1952673122071163566

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1952673122071163566&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1952673122071163566&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1952673122071163566&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1952673122071163566&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1952673122071163566&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=6970152880096559822

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6970152880096559822&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6970152880096559822&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6970152880096559822&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6970152880096559822&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6970152880096559822&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.succes-turf.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=2080

Search URL Search Domain Scan URL

URL: https://www.maxannu.com/turf/

Search URL Search Domain Scan URL

URL: https://www.top-france.com/humour-et-jeux/

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/partenaires/hit.php3?sp=997

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Signaler un abus

Search URL Search Domain Scan URL

URL: https://www.zeitverschiebung.net/fr/timezone/europe--paris
Title: Heure actuelleEurope/Paris

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https://turfvoyance.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.yUoUa-d8e1E.O/am%253DAQ/d%253D1/rs%253DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.yUoUa-d8e1E.O/am%253DAQ/d%253D1/rs%253DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/m%253D__features__%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Request Chain 48

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Request Chain 49

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Request Chain 50

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Request Chain 51

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5 HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
turfvoyance.blogspot.com/ 196 KB
23 KB 453ms
345ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0c0070c44ad8abe982a0fcd477843ed872891fbc848ea11da8005560798bced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: turfvoyance.blogspot.com
:scheme: https
:path: /?m=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Wed, 29 Sep 2021 19:18:17 GMT
date: Wed, 29 Sep 2021 19:18:17 GMT
cache-control: private, max-age=0
last-modified: Wed, 29 Sep 2021 13:44:34 GMT
etag: W/"1df1abf258254036d88a7fb2168984c97b5278e2a1b68d2fa275e259f548a7e8"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22856
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 29ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:19:36 GMT
x-content-type-options: nosniff
age: 457122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36164
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 02:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 24 Sep 2022 12:19:36 GMT

GET
H2 200 fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d
lh5.googleusercontent.com/proxy/ 104 KB
104 KB 30ms
8ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b924a89c3df9d7892c99e150bba066edccbdecef4f8bf74b476ffaa2bdbe8851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:17 GMT
x-content-type-options: nosniff
server: fife
age: 1081
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106042
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:17 GMT

GET
H2 200 btn_buynowCC_LG.gif
www.paypalobjects.com/fr_XC/i/btn/ 3 KB
4 KB 211ms
153ms Image
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/btn/btn_buynowCC_LG.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4648e75e18901015eef2097e85159608f332b20c22737feaf8358428f43eb329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, MISS
fastly-io-info: ifsz=3539 idim=171x47 ifmt=gif ofsz=3538 odim=171x47 ofmt=gif
paypal-debug-id: 32b4dd971bda0
fastly-stats: io=1
dc: phx-origin-www-2.paypal.com
content-length: 3538
x-served-by: cache-sjc10050-SJC, cache-fra19163-FRA
x-timer: S1632943098.134799,VS0,VE147
etag: "DU+OAt8hF7VPs+tf/LVK6MxM3aPIGIKzeIBCy01Eg6g"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 pixel.gif
www.paypalobjects.com/fr_XC/i/scr/ 42 B
435 B 208ms
151ms Image
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/scr/pixel.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, MISS
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: b8290ad6c8810
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10081-SJC, cache-fra19163-FRA
x-timer: S1632943098.134905,VS0,VE145
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 AtteleAnim_70.gif
3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/ 6 KB
6 KB 21ms
20ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/AtteleAnim_70.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="AtteleAnim_70.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6512
x-xss-protection: 0
server: fife
etag: "v7a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 16:48:59 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7
lh4.googleusercontent.com/proxy/ 225 B
336 B 35ms
7ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:16 GMT
x-content-type-options: nosniff
server: fife
age: 1082
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:16 GMT

GET
H2 200 tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d
lh4.googleusercontent.com/proxy/ 225 B
283 B 36ms
7ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c40737ab0f7b9851d02b03379e9d6af0fba4e5eb019b4b46f41bf082f30e4f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:16 GMT
x-content-type-options: nosniff
server: fife
age: 1082
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:16 GMT

GET
H2 200 Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d
lh6.googleusercontent.com/proxy/ 257 B
346 B 16ms
14ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9db2a7a50b8cdcfe3192021aa62cbe226b000b2a20a97bb1ec55cc0f09063e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:15 GMT
x-content-type-options: nosniff
server: fife
age: 1083
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:15 GMT

GET
H2 200 4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d
lh6.googleusercontent.com/proxy/ 143 B
205 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa57613eb7d2d2cb527d5d4e8b2a8df15a1d531a0b1e107fdd091c0ccb315f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:15 GMT
x-content-type-options: nosniff
server: fife
age: 1083
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:15 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d
lh4.googleusercontent.com/proxy/ 204 B
265 B 36ms
8ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86639faa42cfeb641a66087cc2d061917c8e266ed8fb979c94073acb0e7ace9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:16 GMT
x-content-type-options: nosniff
server: fife
age: 1082
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:16 GMT

GET
H2 200 WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ddd47a698d39264398af9849fc6f06bac4981120eb38e8ec4ea5575127f929c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:17 GMT
x-content-type-options: nosniff
server: fife
age: 1081
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2269
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:17 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13
lh4.googleusercontent.com/proxy/ 225 B
283 B 20ms
8ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:16 GMT
x-content-type-options: nosniff
server: fife
age: 1082
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:16 GMT

GET
H2 200 icon18_email.gif
resources.blogblog.com/img/ 164 B
285 B 9ms
8ms Image
image/gif 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_email.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:42:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 16:54:05 GMT
server: sffe
age: 70531
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Oct 2021 23:42:47 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
534 B 669ms
668ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=24126b9e-deb9-44c0-afe4-3295e2a9b270

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 19:18:18 GMT
server: GSE
date: Wed, 29 Sep 2021 19:18:18 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
517 B 8ms
7ms Image
image/png 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:46:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Sep 2021 05:51:03 GMT
server: sffe
age: 451894
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 01 Oct 2021 13:46:44 GMT

GET
H2 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
208 B 8ms
7ms Image
image/png 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 13:27:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 05:51:38 GMT
server: sffe
age: 539451
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 30 Sep 2021 13:27:27 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 18:02:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 15:58:35 GMT
server: sffe
age: 90953
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Oct 2021 18:02:25 GMT

GET
H2 200 1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d
lh5.googleusercontent.com/proxy/ 11 KB
11 KB 8ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d365063fef243178c3ea167b64837bc5e23aa5b5a6d1f1b21fbf9e9ce57de54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:17 GMT
x-content-type-options: nosniff
server: fife
age: 1081
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11593
x-xss-protection: 0
expires: Thu, 30 Sep 2021 19:00:17 GMT

GET
H2 200 f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d
lh6.googleusercontent.com/proxy/ 2 KB
2 KB 9ms
4ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:49 GMT
x-content-type-options: nosniff
server: fife
age: 9989
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2097
x-xss-protection: 0
expires: Thu, 30 Sep 2021 16:31:49 GMT

GET
H/1.1 200
OK max88.gif
www.maxannu.com/ 7 KB
7 KB 346ms
14ms Image
image/gif 51.254.50.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maxannu.com/max88.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.254.50.144 , France, ASN16276 (OVH, FR),

Reverse DNS

ip144.ip-51-254-50.eu

Software

Apache / PleskLin

Resource Hash

d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 19:18:19 GMT
ETag: "1acd-499a8d6f860c0"
Last-Modified: Wed, 12 Jan 2011 16:39:07 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6861
X-XSS-Protection: 1; mode=block
Expires: Fri, 29 Oct 2021 19:18:19 GMT

GET
H/1.1 200
OK top88.png
www.top-france.com/ 2 KB
2 KB 276ms
15ms Image
image/png 2001:41d0:a:7c5c::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-france.com/top88.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:a:7c5c:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 19:18:18 GMT
ETag: "67f-589037095a746"
Last-Modified: Thu, 16 May 2019 16:05:50 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1663
X-XSS-Protection: 1; mode=block
Expires: Fri, 29 Oct 2021 19:18:18 GMT

GET
H/1.1 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 436 B
556 B 211ms
20ms Script
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: f8b3fed67841e42ffb5701df65958a1ba443a741fdd583cbe43280e2f474319c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 19:18:15 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100

GET
H2 200 sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d
lh5.googleusercontent.com/proxy/ 4 KB
4 KB 10ms
6ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9889200c7ec80cac7bb7d798b73be56cd2c55fcc80a25203e285af3032351878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:29:24 GMT
x-content-type-options: nosniff
server: fife
age: 10134
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4026
x-xss-protection: 0
expires: Thu, 30 Sep 2021 16:29:24 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ft0HvRTc1ebPoHGirCQyQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Ft0HvRTc1ebPoHGirCQyQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 29 Sep 2021 19:18:18 GMT

GET
H2 200 pmummmmmm.jpg
1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/ 30 KB
30 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/pmummmmmm.jpg

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pmummmmmm.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30224
x-xss-protection: 0
server: fife
etag: "v3b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 16:48:59 GMT

GET
H2 200 feed Show response
www.pronostic-facile.fr/widget/turfvoyance/script/ 245 B
960 B 124ms
36ms Script
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 3
date: Wed, 29 Sep 2021 19:18:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jX3SQ5RTfmgDJE%2BNW2K3H%2FBkYjY7FgYNUdac8yzLIjgFIm1r33hE%2B%2BMF%2F0QVWsfaA9Q0j%2BRpWqsYR9zfq5TyK%2FPvGiT614iPX%2BjFw5IvN0AtwMbWfDCj1dCnefMZW0KUSBoz6m61U%2BKDPkQC3Aj%2BLVOWlqttHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 69678e7bdd881f25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
turfvoyance.blogspot.com/js/ 6 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://turfvoyance.blogspot.com/js/cookienotice.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: turfvoyance.blogspot.com
referer: https://turfvoyance.blogspot.com/?m=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 15:27:00 GMT
x-content-type-options: nosniff
age: 13878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6513
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 14:52:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 06 Oct 2021 15:27:00 GMT

GET
H2 200 1527282520-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1527282520-widgets.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c4d2e8538bfa555fcb535f64b906ec960a8afd3ae590e967dbc05f9ce785067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 01:56:13 GMT
x-content-type-options: nosniff
age: 580925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157290
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:54:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Sep 2022 01:56:13 GMT

GET
H/1.1 200
OK vote42762.eur
www.hebdotop.com/cgi-bin/ 181 B
389 B 20ms
19ms Image
image/png 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hebdotop.com/cgi-bin/vote42762.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 19:18:15 GMT
Server: Apache/2.2.22 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 207 KB
70 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f93a8fa319d2f248a5b9f574c0fa601763b24f4acca4bd936e390c532795109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70982
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:20:56 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 3 KB
750 B 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b3c05530c180765a519a01b26dd6fd03313795ffc946c5198dd1c15fa7de443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 657
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 28 Sep 2022 23:37:43 GMT

GET
H2 200 clock-widget-iframe-v2 Show response
www.zeitverschiebung.net/ Frame 1ED8 5 KB
2 KB 68ms
17ms Document
text/html 178.254.1.54
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

hello-world.digital

Software

nginx / PHP/7.3.30 PleskLin

Resource Hash

3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: www.zeitverschiebung.net
:scheme: https
:path: /clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

server: nginx
date: Wed, 29 Sep 2021 19:18:18 GMT
content-type: text/html; charset=UTF-8
content-length: 1908
x-powered-by: PHP/7.3.30 PleskLin
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: BYPASS
strict-transport-security: max-age=15768000; includeSubDomains

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/turfvoyance/feed/ Frame 3B23 15 KB
6 KB 44ms
44ms Document
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5bc993706c27d91da84abd8d05781dc59bf2148df6d534d53c19efce5cde36c

Request headers

:method: GET
:authority: www.pronostic-facile.fr
:scheme: https
:path: /widget/turfvoyance/feed/all
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-runtime: 4
cache-control: private, max-age=0, must-revalidate
set-cookie: _pronostic_facile_session=BAh7BzoPc2Vzc2lvbl9pZCIlNmI3NWEzNjcwMjIwMzk1OTY4YWZmMjEyMWU5ZGRmYTU6DHJlZmVyZXIiJmh0dHBzOi8vdHVyZnZveWFuY2UuYmxvZ3Nwb3QuY29tLw%3D%3D--26e3f6d60132148a77b3367439056018e4e33f17; path=/; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ichK59SoTIeFQZ3cM89WaTysNYZfP%2FkHVLmCdGGDZEr%2FTRZxYh5YtXr8gwMd8iyIMffpvwjHDsdwinZy9BUpIFg9KLwthTVWXuudel%2B%2F%2FtoNcb39KURMU6z9tg8%2Bh2s3bNaocb8pYkbz3q6a5C9kdxm%2BHLNB9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69678e7cbef81f25-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 81 KB
29 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b7bdbb6b77f4238a0af53fa51168eec424660ac65eb166d3927335824e07ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29401
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 21:57:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="product-feedback-gathering"
expires: Wed, 29 Sep 2021 20:05:20 GMT

GET
H2

200

followers.g Show response
www.blogger.com/ Frame 9A53
Redirect Chain

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMW...
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...

7 KB
2 KB

542ms
541ms

Document
text/html

2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dd725c86df178454b1d50b6bd821ef178bcd9a4c27d1722f22a1f4979ccb089

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Sep 2021 19:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2351
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Sep 2021 19:18:18 GMT
location: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-DA7SPOLTPx8GVS85pRNucg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 475
server: GSE
set-cookie: __Host-GAPS=1:DaX_ekTrjlt3kSNNcxePizVVFqz9Hg:snsnktgo2vRQNGC-;Path=/;Expires=Fri, 29-Sep-2023 19:18:18 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rss-fp-1612893811.png
cdn0.pronostic-facile.fr/images/icones/16x16/ Frame 3B23 739 B
2 KB 76ms
9ms Image
image/png 13.32.29.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-107.fra56.r.cloudfront.net
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 18:55:19 GMT
Via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2506979
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 739
Last-Modified: Tue, 09 Feb 2021 18:03:31 GMT
Server: cloudflare
ETag: "6022ce73-2e3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FKQ63snoHyJAZIFgwGlRxrd1d9YLSsiRSJvq9DUkzayqPEO4ANrR%2B7WrScV2fq19VbHpWTwmRShtNKCq4t2qvUJO7YQlvuWTFBruKkVoyvWxMD0%2Fh0ZgUwscqDUDyhDYTO0pef41SvhzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
CF-RAY: 687878eff9504414-FRA
X-Amz-Cf-Id: k-ZD-8GIKDos0193cOcDnh8OtG6VP-J4WS_LBgEjYnjAkgIW-Tylgw==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3B23 96 KB
38 KB 39ms
18ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b37f370d55b65121c61c8a798f1516f0cb781e6f71e7859a6c01ed2712a9d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38914
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Sep 2021 19:18:18 GMT

GET
DATA 200
OK truncated
/ Frame 3B23 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1ED8 3 KB
1 KB 37ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:54:01 GMT
server: ESF
date: Wed, 29 Sep 2021 19:18:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 19:18:18 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1ED8 95 KB
34 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 29 Sep 2022 11:47:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1ED8 96 KB
38 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74c3a6567bb9f27ba03083b3652742e12e6a3c64d8451bf4182fb7a8bce95bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38914
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Sep 2021 19:18:18 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 1ED8 16 KB
17 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zeitverschiebung.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 17:05:06 GMT
x-content-type-options: nosniff
age: 526392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16736
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 17:05:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3B23 48 KB
20 KB 116ms
36ms Script
text/javascript 2a00:1450:400f:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 423
date: Wed, 29 Sep 2021 19:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 29 Sep 2021 21:11:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1ED8 48 KB
19 KB 145ms
74ms Script
text/javascript 2a00:1450:400f:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 423
date: Wed, 29 Sep 2021 19:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 29 Sep 2021 21:11:15 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 120ms
120ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=24126b9e-deb9-44c0-afe4-3295e2a9b270

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 19:18:18 GMT
server: GSE
date: Wed, 29 Sep 2021 19:18:18 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ Frame 9A53 52 KB
20 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6qMuwsr3OdaDhMyQuo0fXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-6qMuwsr3OdaDhMyQuo0fXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 29 Sep 2021 19:18:19 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 9A53 147 KB
50 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 22:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51514
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 28 Sep 2022 22:36:42 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 9A53 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a64d18d6dbdf8ccc44fcc587c8524a0a4393a6a2a3832dcb247021c80ac54ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12011
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:27:29 GMT

GET
H2

200

AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
lh3.googleusercontent.com/a-/ Frame 9A53
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

4 KB
5 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:30 GMT
x-content-type-options: nosniff
age: 1069
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4579
x-xss-protection: 0
server: fife
etag: "v3b69"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Sep 2021 23:21:44 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 19:18:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-cg5Yx7Eqo/A6oH/EDQQi1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-cg5Yx7Eqo/A6oH/EDQQi1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
lh3.googleusercontent.com/a-/ Frame 9A53
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

4 KB
4 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:30 GMT
x-content-type-options: nosniff
age: 1069
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4218
x-xss-protection: 0
server: fife
etag: "vd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Sep 2021 19:29:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 19:18:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-0a7eLN0XX614fv/gSOB2PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-0a7eLN0XX614fv/gSOB2PQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
lh3.googleusercontent.com/a-/ Frame 9A53
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

3 KB
3 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:08:33 GMT
x-content-type-options: nosniff
age: 7786
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3067
x-xss-protection: 0
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Sep 2021 04:57:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 19:18:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-gZEz5FZutWEH9wKEPsf/GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-gZEz5FZutWEH9wKEPsf/GQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
lh3.googleusercontent.com/a-/ Frame 9A53
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

5 KB
5 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:00:30 GMT
x-content-type-options: nosniff
age: 1069
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5530
x-xss-protection: 0
server: fife
etag: "v4ad"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Sep 2021 23:21:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 19:18:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-2NKJ5VnUXoH3Y/t7nSB4wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-2NKJ5VnUXoH3Y/t7nSB4wg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default-user=s45-c
lh3.googleusercontent.com/a/ Frame 9A53 316 B
435 B 9ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/default-user=s45-c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:09:49 GMT
x-content-type-options: nosniff
age: 11310
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Sep 2021 04:09:49 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 01:59:14	Name: NID Value: 511=NWlg2Fm-RVVG-LVO3l60zwWc5jaIyJZyAcn4B84lg60efMi3jJSKxPR6C2QKAye26s2M10AcG1JDgU_c0F40ZFAFqRm-hO9BxAwuwiJsoZtOitwE_br2K0IHnF6JzAUAddGvuMqL90CCtaFAIvOlRCa62KB9R7r1A-eSQ_GpZc4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
apis.google.com
cdn0.pronostic-facile.fr
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
resources.blogblog.com
turfvoyance.blogspot.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.hebdotop.com
www.maxannu.com
www.paypalobjects.com
www.pronostic-facile.fr
www.top-france.com
www.zeitverschiebung.net
13.32.29.107
151.101.2.133
178.254.1.54
2001:41d0:a:7c5c::
213.246.57.128
2606:4700:3034::ac43:c8d8
2a00:1450:4001:802::200d
2a00:1450:4001:809::2009
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
2a00:1450:400f:801::200e
51.254.50.144
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
27b7bdbb6b77f4238a0af53fa51168eec424660ac65eb166d3927335824e07ed
2a64d18d6dbdf8ccc44fcc587c8524a0a4393a6a2a3832dcb247021c80ac54ac
2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565
3b37f370d55b65121c61c8a798f1516f0cb781e6f71e7859a6c01ed2712a9d7b
42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d
4648e75e18901015eef2097e85159608f332b20c22737feaf8358428f43eb329
4dd725c86df178454b1d50b6bd821ef178bcd9a4c27d1722f22a1f4979ccb089
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
6c4d2e8538bfa555fcb535f64b906ec960a8afd3ae590e967dbc05f9ce785067
6f93a8fa319d2f248a5b9f574c0fa601763b24f4acca4bd936e390c532795109
74c3a6567bb9f27ba03083b3652742e12e6a3c64d8451bf4182fb7a8bce95bc1
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d
86639faa42cfeb641a66087cc2d061917c8e266ed8fb979c94073acb0e7ace9c
8b3c05530c180765a519a01b26dd6fd03313795ffc946c5198dd1c15fa7de443
9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9
9889200c7ec80cac7bb7d798b73be56cd2c55fcc80a25203e285af3032351878
9db2a7a50b8cdcfe3192021aa62cbe226b000b2a20a97bb1ec55cc0f09063e2e
b924a89c3df9d7892c99e150bba066edccbdecef4f8bf74b476ffaa2bdbe8851
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
c40737ab0f7b9851d02b03379e9d6af0fba4e5eb019b4b46f41bf082f30e4f4c
c5bc993706c27d91da84abd8d05781dc59bf2148df6d534d53c19efce5cde36c
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
d365063fef243178c3ea167b64837bc5e23aa5b5a6d1f1b21fbf9e9ce57de54b
d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8
ddd47a698d39264398af9849fc6f06bac4981120eb38e8ec4ea5575127f929c4
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f0c0070c44ad8abe982a0fcd477843ed872891fbc848ea11da8005560798bced
f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1
f8b3fed67841e42ffb5701df65958a1ba443a741fdd583cbe43280e2f474319c
fa57613eb7d2d2cb527d5d4e8b2a8df15a1d531a0b1e107fdd091c0ccb315f43
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

turfvoyance.blogspot.com Open in urlscan Pro 2a00:1450:4001:827::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

74 %IPv6

15 Domains

25 Subdomains

18 IPs

4 Countries

803 kBTransfer

1599 kBSize

1 Cookies

29 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turfvoyance.blogspot.com Open in urlscan Pro
2a00:1450:4001:827::2001 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

803 kB
Transfer

1599 kB
Size

1
Cookies

53 HTTP transactions
1 data transactions