original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:4001:82b::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://original-pmu.blogspot.com/p/historique.html?m=0
Submission: On August 11 via manual (August 11th 2022, 8:07:34 am UTC) from SN — Scanned from DE

Summary HTTP 73 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 24 domains to perform 73 HTTP transactions. The main IP is 2a00:1450:4001:82b::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is original-pmu.blogspot.com.

This is the only time original-pmu.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2009	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	62.210.16.61 62.210.16.61	12876 (Online SAS) (Online SAS)
7	54.36.176.112 54.36.176.112	16276 (OVH) (OVH)
17 25	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	91.121.164.142 91.121.164.142	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	195.210.43.68 195.210.43.68	39506 (MFX-AS) (MFX-AS)
3	212.83.146.214 212.83.146.214	12876 (Online SAS) (Online SAS)
1	185.154.136.89 185.154.136.89	50474 (O2SWITCH) (O2SWITCH)
1	188.165.42.17 188.165.42.17	16276 (OVH) (OVH)
1	212.27.63.105 212.27.63.105	12322 (PROXAD) (PROXAD)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	194.150.236.222 194.150.236.222	44976 (HIWIT_AS) (HIWIT_AS)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
73	27

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

original-pmu.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.210.16.61 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: pf-lb-1.online.net

gifs.hurgon.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.36.176.112 (France)

ASN16276 (OVH, FR)
PTR: ns3092782.ip-54-36-176.eu

geoloc5.geovisite.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3038::6815:ea1b (United States) 17 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.164.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns360576.ip-91-121-164.eu

nsm08.casimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.210.43.68 (France)

ASN39506 (MFX-AS, FR)
PTR: aap1.createur-internet.com

www.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.83.146.214 (France)

ASN12876 (Online SAS, FR)
PTR: allosponsor.lixium.fr

www.allosponsor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.154.136.89 (France)

ASN50474 (O2SWITCH, FR)

www.uhit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.42.17 (France)

ASN16276 (OVH, FR)
PTR: comix.netoo.net

blogs.netoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.105 (France)

ASN12322 (PROXAD, FR)
PTR: perso105-g5.free.fr

www.rapidoweb.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::6815:15de (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.222 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns62.hiwit.net

www.axis-medias.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	root-top.com 17 redirects img.root-top.com www.root-top.com	61 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	208 KB
7	geovisite.ovh geoloc5.geovisite.ovh	380 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 161 adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	151 KB
6	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 16174	2 KB
5	pronostic-facile.fr 1 redirects www.pronostic-facile.fr cdn3.pronostic-facile.fr	9 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8565	167 KB
5	blogspot.com original-pmu.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10086	227 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	5 KB
2	googleusercontent.com 1 redirects themes.googleusercontent.com — Cisco Umbrella Rank: 10446	1 MB
2	hebdotop.com www.hebdotop.com	2 KB
2	casimages.com 1 redirects nsm08.casimages.com — Cisco Umbrella Rank: 839843	10 KB
2	hurgon.fr gifs.hurgon.fr	4 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	645 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1249	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	41 KB
1	axis-medias.fr www.axis-medias.fr	202 B
1	gstatic.com fonts.gstatic.com	18 KB
1	free.fr www.rapidoweb.free.fr	2 KB
1	netoo.com blogs.netoo.com	2 KB
1	uhit.eu www.uhit.eu
1	allosponsor.com www.allosponsor.com	14 KB
73	24

	Domain	Requested by
25	img.root-top.com	17 redirects original-pmu.blogspot.com
8	pagead2.googlesyndication.com	original-pmu.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	geoloc5.geovisite.ovh	original-pmu.blogspot.com geoloc5.geovisite.ovh
6	resources.blogblog.com	original-pmu.blogspot.com www.blogger.com
5	apis.google.com	original-pmu.blogspot.com apis.google.com www.blogger.com
5	www.blogger.com	original-pmu.blogspot.com apis.google.com
4	www.pronostic-facile.fr	1 redirects original-pmu.blogspot.com www.pronostic-facile.fr static.cloudflareinsights.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	1.bp.blogspot.com	original-pmu.blogspot.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	themes.googleusercontent.com	1 redirects original-pmu.blogspot.com
2	www.hebdotop.com	original-pmu.blogspot.com
2	nsm08.casimages.com	1 redirects original-pmu.blogspot.com
2	gifs.hurgon.fr	original-pmu.blogspot.com
2	original-pmu.blogspot.com	original-pmu.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.pronostic-facile.fr
1	www.googletagmanager.com	www.pronostic-facile.fr
1	cdn3.pronostic-facile.fr	www.pronostic-facile.fr
1	www.axis-medias.fr	www.hebdotop.com
1	fonts.gstatic.com	original-pmu.blogspot.com
1	www.rapidoweb.free.fr	original-pmu.blogspot.com
1	blogs.netoo.com	original-pmu.blogspot.com
1	www.uhit.eu	original-pmu.blogspot.com
1	www.allosponsor.com	original-pmu.blogspot.com
1	www.root-top.com	original-pmu.blogspot.com
73	30

This site contains links to these domains. Also see Links.

Domain
www.toutimages.com
paris-promise.blogspot.com
calcula-prono.blogspot.com
pros-afrique.blogspot.com
cash-back1.blogspot.com
cash-du-jours.blogspot.com
recordturf1.blogspot.com
cash-univers.blogspot.com
pari-brillant.blogspot.com
turfistes1.blogspot.com
tierces-tuyau.blogspot.com
course-uniques.blogspot.com
grand-gagant.blogspot.com
derby-tierces.blogspot.com
course-en-euro.blogspot.com
gains-cash1.blogspot.com
bezz-dupmu.blogspot.com
www.root-top.com
www.allosponsor.com
www.uhit.eu
blogs.netoo.com
www.rapidoweb.free.fr
www.hebdotop.com
www.mondeturf.net
referencementsitegratuit.page-internet.net
www.istockphoto.com
www.blogger.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
geoloc5.idealpes.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://original-pmu.blogspot.com/p/historique.html?m=0
Frame ID: A3E4D76B4F4B708A82A1D1A0B1B8D276
Requests: 49 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&targetPageID=2013672088851487148&blogPostOrPageUrl=http://original-pmu.blogspot.com/p/historique.html%3Fm%3D0&vt=2277868479629362323&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
Frame ID: F674DB7D553A92EACD8B783FB3F00237
Requests: 5 HTTP requests in this frame

Frame: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Frame ID: A503128946990270446D7B8A3615011D
Requests: 6 HTTP requests in this frame

Frame: http://www.axis-medias.fr/taght2.php
Frame ID: CA7CE82A83B95D4B514B9D009BB7D248
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Frame ID: E82184BBB2F2A47FB20EA3029B3B29FF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html
Frame ID: 2A89881227A6816F1FBAEB35AD5890F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263322827066722&output=html&adk=1812271804&adf=3025194257&lmt=1660173574&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2Fp%2Fhistorique.html%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1660205249112&bpp=2&bdt=664&idt=280&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510178694151&frm=20&pv=2&ga_vid=1952944.1660205249&ga_sid=1660205249&ga_hid=2109873698&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C31068911%2C31068920&oid=2&pvsid=3401699042700048&tmod=1655231454&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: EF5BCB61844062A1BA8B140731DA095E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70BBA698026830C13F8799ACBC5ED49C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 333AC7F3D21282623DD2D9516B95ACCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ORIGINAL-PMU: HISTORIQUE

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

73
Requests

63 %
HTTPS

62 %
IPv6

24
Domains

30
Subdomains

27
IPs

3
Countries

2500 kB
Transfer

3452 kB
Size

2
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: http://www.toutimages.com/

Search URL Search Domain Scan URL

URL: http://paris-promise.blogspot.com/
Title: PARIS-PROMISE

Search URL Search Domain Scan URL

URL: http://calcula-prono.blogspot.com/

Search URL Search Domain Scan URL

URL: http://pros-afrique.blogspot.com/
Title: PROS-AFRIQUE

Search URL Search Domain Scan URL

URL: http://cash-back1.blogspot.com/
Title: CASH-BACK1

Search URL Search Domain Scan URL

URL: http://cash-du-jours.blogspot.com/
Title: CASH-DU-JOURS

Search URL Search Domain Scan URL

URL: http://recordturf1.blogspot.com/
Title: RECORDTURF1

Search URL Search Domain Scan URL

URL: http://cash-univers.blogspot.com/
Title: CASH-UNIVERS

Search URL Search Domain Scan URL

URL: http://pari-brillant.blogspot.com/
Title: PARI-BRILLANT

Search URL Search Domain Scan URL

URL: http://turfistes1.blogspot.com/
Title: TURFISTES1

Search URL Search Domain Scan URL

URL: http://tierces-tuyau.blogspot.com/
Title: TIERCES-TUYAU

Search URL Search Domain Scan URL

URL: http://course-uniques.blogspot.com/
Title: COURSE-UNIQUES

Search URL Search Domain Scan URL

URL: http://grand-gagant.blogspot.com/
Title: GRAND-GAGANT

Search URL Search Domain Scan URL

URL: http://derby-tierces.blogspot.com/
Title: DERBY-TIERCES

Search URL Search Domain Scan URL

URL: http://course-en-euro.blogspot.com/
Title: COURSE-EN-EURO

Search URL Search Domain Scan URL

URL: http://gains-cash1.blogspot.com/
Title: GAINS-CASH1

Search URL Search Domain Scan URL

URL: http://bezz-dupmu.blogspot.com/
Title: BEZZ-DUPMU

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/originalpmu1/in.php?ID=7

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfistes/in.php?ID=1644

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/bettop/in.php?ID=188

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/gagnantplus/in.php?ID=56

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/freeturf/in.php?ID=2

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmu365/in.php?ID=12

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=979
Title: .

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=554

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1033

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/dada/in.php?ID=87

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/classement_general/in.php?ID=1981

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baseprono/in.php?ID=256

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfaunet/in.php?ID=506

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/filibert42/in.php?ID=5

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=839

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toptierce/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.allosponsor.com/accueil.php?ref=51293

Search URL Search Domain Scan URL

URL: http://www.uhit.eu/

Search URL Search Domain Scan URL

URL: http://blogs.netoo.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=1795

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/forumturf/in.php?ID=28

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lamaisonmere/in.php?ID=131

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfgagnant/in.php?ID=334

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/zeturf24/in.php?ID=51

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/chevaldorinfoturf/in.php?ID=167

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toppronosticgratuit/in.php?ID=118

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/james15/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=102

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baronturf/in.php?ID=82

Search URL Search Domain Scan URL

URL: http://www.mondeturf.net/vote.php?id=5232
Title: Mondeturf.net

Search URL Search Domain Scan URL

URL: http://referencementsitegratuit.page-internet.net/
Title: Referencement gratuit

Search URL Search Domain Scan URL

URL: http://www.istockphoto.com/file_closeup.php?id=8126402&platform=blogger
Title: jangeltun

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://img.root-top.com/topsite/originalpmu1/banner.gif HTTP 301
https://img.root-top.com/topsite/originalpmu1/banner.gif

Request Chain 6

http://img.root-top.com/topsite/turfistes/banner.gif HTTP 301
https://img.root-top.com/topsite/turfistes/banner.gif

Request Chain 7

http://img.root-top.com/topsite/bettop/banner.gif HTTP 301
https://img.root-top.com/topsite/bettop/banner.gif HTTP 302
http://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif HTTP 301
https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

Request Chain 8

http://img.root-top.com/topsite/gagnantplus/banner.gif HTTP 301
https://img.root-top.com/topsite/gagnantplus/banner.gif

Request Chain 9

http://img.root-top.com/topsite/freeturf/banner.gif HTTP 301
https://img.root-top.com/topsite/freeturf/banner.gif

Request Chain 10

http://img.root-top.com/topsite/pmu365/banner.gif HTTP 301
https://img.root-top.com/topsite/pmu365/banner.gif

Request Chain 11

http://img.root-top.com/topsite/turfoscope/banner.gif HTTP 301
https://img.root-top.com/topsite/turfoscope/banner.gif HTTP 302
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Request Chain 12

http://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 301
https://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 302
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Request Chain 13

http://img.root-top.com/topsite/dada/banner.gif HTTP 301
https://img.root-top.com/topsite/dada/banner.gif

Request Chain 14

http://img.root-top.com/topsite/classement_general/banner.gif HTTP 301
https://img.root-top.com/topsite/classement_general/banner.gif HTTP 302
http://www.root-top.com/images/bouton_RT1.gif

Request Chain 15

http://img.root-top.com/topsite/baseprono/banner.gif HTTP 301
https://img.root-top.com/topsite/baseprono/banner.gif HTTP 302
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Request Chain 16

http://img.root-top.com/topsite/turfaunet/banner.gif HTTP 301
https://img.root-top.com/topsite/turfaunet/banner.gif

Request Chain 24

http://www.pronostic-facile.fr/widget/originalpmu/script/feed HTTP 301
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

Request Chain 31

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request historique.html Show response
original-pmu.blogspot.com/p/ 73 KB
13 KB 353ms
272ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14b9c606918a1d5b50a216f227ccc487dbf7c64b818658b971594ffe3370d1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 12975
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 08:07:28 GMT
ETag: W/"dd5ec3d175b29f05d6d17f70f293e0b325c562be305cdcb6688c23ad582b6a6d"
Expires: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Wed, 10 Aug 2022 23:19:34 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 162ms
40ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 21:52:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 09 Aug 2023 08:02:22 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f230e923c1b3803f0617015b2a0ab31286a14ca8c1cac61a675182b8e9250dc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 11 Aug 2022 08:07:28 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "64a824b5ea9acada"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 08:07:28 GMT

GET
H/1.1 200
OK fleche_187.gif
gifs.hurgon.fr/images/webmaster/fleches/ 2 KB
2 KB 101ms
22ms Image
image/gif 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifs.hurgon.fr/images/webmaster/fleches/fleche_187.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: a936337024d0feebe9019bd27b622336fbde4569666a9fb7e72fd12302042851

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Thu, 26 Sep 2019 12:08:38 GMT
Server: nginx
ETag: "728-59373a1352a90"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1832

GET
H/1.1 200
OK fleche_186.gif
gifs.hurgon.fr/images/webmaster/fleches/ 2 KB
2 KB 100ms
21ms Image
image/gif 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifs.hurgon.fr/images/webmaster/fleches/fleche_186.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: 4fafa286bc227543651f0c6c69490d406e8b118a546c92d08f749818286adf66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Thu, 26 Sep 2019 12:08:38 GMT
Server: nginx
ETag: "727-59373a133a3eb"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1831

GET
H/1.1 200
OK geocounter.js Show response
geoloc5.geovisite.ovh/private/ 11 KB
12 KB 121ms
21ms Script
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 1d8b3a53f756e3f1a1c02f695b0026b9f3799c236097cea47e32bb88b3227b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 08:07:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection: close
Content-Type: text/html; charset=UTF-8
Expires: Tue, 9 May 2000 11:11:11 GMT

GET
H3

200

banner.gif
img.root-top.com/topsite/originalpmu1/
Redirect Chain

http://img.root-top.com/topsite/originalpmu1/banner.gif
https://img.root-top.com/topsite/originalpmu1/banner.gif

4 KB
4 KB

41ms
21ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/originalpmu1/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f58d15e1605cf35f788e4fa3425f6af4d9f058923d4b63b519a92008d29eb44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 133553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3703
last-modified: Tue, 09 Aug 2022 19:01:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xijdh8aXhy5n%2B8ZfQiMpFq%2BHYc8%2FGmre21vCZ0tmXgCLyC5gzvOYV1J1VS4iD11v7kDPQj1XEXr3nQYt99MApR4DjTsmXXzRCm%2FAgJbcVIPj23CV8t%2BpkHVnrvWSAGFar9vvRM4czozNRJcJuSQo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a54a905bb80-FRA
expires: Fri, 12 Aug 2022 19:01:35 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91CFrdelYX275S5wnfmtaIGV9nKfFoPJm%2FrpWFJfJ2yw8%2FaI2J6CQ2dnsrbhlXsaKOkSd9fpMYlioSVrzXF2X7ycnPTEWoVHozJX1gFLhLM%2BGS1fn41ifs4PdcIWpgd4XzV86ymQM%2BwMo4KwhPlw"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/originalpmu1/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a541cfc91f3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/turfistes/
Redirect Chain

http://img.root-top.com/topsite/turfistes/banner.gif
https://img.root-top.com/topsite/turfistes/banner.gif

10 KB
10 KB

29ms
18ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfistes/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6049bb33ca3a57d6ef6368c2bf253e98a7fba1c45f173450806fc9fc187d06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181320
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9830
last-modified: Tue, 09 Aug 2022 05:45:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmpB1Ti8TZksSLdYk4DbNw9%2FGVtaOlyWwDaKg8INoAbdvqVBXRc9zKXFMgGzbr18tr1U1Oycy4pR7taxEnh%2B8b7A8k1rb5edEk1JrRSDDa0Egx5yz7TjlSDPIkVOSm1PygrFqoyGkeP5I%2FyWPwHX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a547d066957-FRA
expires: Fri, 12 Aug 2022 05:45:28 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 125
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0WXVKb6st0%2BUaeKPBmL5bNVqahwU%2B%2FGrvyR9kT9%2Bhf5OYAzFTZunItb54%2BGqJsXG5cHgaJNTzZySIBR99jTsD5JcuCbwOdAWF2bLPGMkgJsExOqVfoKF5ttpn%2BS2ALXX15RUzI1SXj%2FKAdhwDQo"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfistes/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a5428d6911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1

200
OK

15111904060917821013763213.gif
nsm08.casimages.com/img/2015/11/19//
Redirect Chain

http://img.root-top.com/topsite/bettop/banner.gif
https://img.root-top.com/topsite/bettop/banner.gif
http://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif
https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

9 KB
10 KB

88ms
17ms

Image
image/gif

91.121.164.142
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

91.121.164.142 , France, ASN16276 (OVH, FR),

Reverse DNS

ns360576.ip-91-121-164.eu

Software

Apache /

Resource Hash

45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:16:56 GMT
Last-Modified: Sat, 17 Feb 2018 19:33:17 GMT
Server: Apache
ETag: "91aa084-251b-5656d885fd53f"
Strict-Transport-Security: max-age=31556926
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.casimages.com
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9499
Expires: Fri, 11 Aug 2023 08:16:56 GMT

Redirect headers

Location: https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif
Date: Thu, 11 Aug 2022 08:16:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 282
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

banner.gif
img.root-top.com/topsite/gagnantplus/
Redirect Chain

http://img.root-top.com/topsite/gagnantplus/banner.gif
https://img.root-top.com/topsite/gagnantplus/banner.gif

4 KB
4 KB

38ms
17ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/gagnantplus/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8122ef526dd1514294b203b07632bf4d8cd3924e863c84967ef4e530fd4e6df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148844
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3609
last-modified: Tue, 09 Aug 2022 14:46:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgyrienGFWt04Uva%2B29jA6%2FRXlr%2Buwj9SF1wvYIMxYeZ4PNzyaG%2FsARHs1fuSJuQ0l42mAO%2FTV56K%2FlQa%2BMsvxw8NwGuc21TmPSaJgSb4s9Bl8ePOEHPaZ9ozC4472FqBIV4WbFly6PFaHwDBSm6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a547d006957-FRA
expires: Fri, 12 Aug 2022 14:46:44 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 949
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4EtAE7wYWCC6t6eYeR0cHPvEIaY0pp9iAU8ZePpXE7nwReWZu7epuRD5Dplf7YEnB02HuH5nK1CAwooeOw9uADtMjKvd8QKb%2F95wniLwZNdWzvJWyHMvEEJedkIFSvIqT3UJKVixTDdvjcwIiEd"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/gagnantplus/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a542df59b94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/freeturf/
Redirect Chain

http://img.root-top.com/topsite/freeturf/banner.gif
https://img.root-top.com/topsite/freeturf/banner.gif

3 KB
3 KB

24ms
24ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/freeturf/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6540b42f6622cb9aafc7bed04ee1de25ae3d42da419ead512a41acd3697bc418

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2931
last-modified: Wed, 10 Aug 2022 17:50:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2YUCXSltzWuHCOtn6QKRjnYhQTzqq0bCIBsaD3hHxC3bIxawUtsQ1gIZO3ayrSgtvk5QzGNOIKbCXuUoxCyTLWETZV9VwhUkl816ffClazE7aD%2FXGjAQMg6THRIGk1fnfxEXx6ha2q0ySY%2FcbLU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a54b920bb80-FRA
expires: Sat, 13 Aug 2022 17:50:18 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpU2vB8OewkVAKR97ucxPqjGYIKh3yopGIh8NV4c6N1igb6xEafuYGiwMU0jcfRRpVGf98SBDwMuNjZpqVIXCoaQ0EmPHzLFX0ghyz9fAbt2BxSp7EBzSAWWgG2stMeohk56o7A%2FmRrhF9e8xDSq"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/freeturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a542cd39b45-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/pmu365/
Redirect Chain

http://img.root-top.com/topsite/pmu365/banner.gif
https://img.root-top.com/topsite/pmu365/banner.gif

3 KB
4 KB

28ms
28ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/pmu365/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefefcd184ede20f9c3ccf577ae3158948b389a3fbbed05916b98847003f4da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3281
last-modified: Mon, 08 Aug 2022 10:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87y39M9qkn0RULSmXPXBRIicnZAP6Aujk%2B3t%2BgFmOumfh0L4FAgP6DhpG3pfg3KKEGqmy3LGZISvGLCqcKkmeNr8s6wYlUt%2FRC4GfBSsnUWN2rlj7u%2BeFcgHUOJ9NHgMRKmwEDBeDRz5dOOrmIgi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a54f96dbb80-FRA
expires: Thu, 11 Aug 2022 10:53:36 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlD0ZGwz9yU0HAR97FurDYmCNpDYspSxV%2FZ9aGcqrujH26ginyzTCAebHolP9M0%2BFkq%2Bok3upqF%2BWBYLuDws2Cc1oW8Z%2BpiHBQGjVLvniLZdooHHGODu5x0m1AoI9sUNozc%2B31pNH0xapmbagyOW"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/pmu365/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a549d6d91f3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

turfoscope.gif
1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/turfoscope/banner.gif
https://img.root-top.com/topsite/turfoscope/banner.gif
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

86 KB
86 KB

188ms
101ms

Image
image/gif

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:36:24 GMT
x-content-type-options: nosniff
age: 9064
content-disposition: inline;filename="turfoscope.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87766
x-xss-protection: 0
server: fife
etag: "v20cf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 05:10:33 GMT

Redirect headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qm%2FogvXVfWfycv4kc7UsVspHaupQOtWF%2FW5P%2F5AloCBvhuPqwmiOep6Gd93vUI6kXBC%2FKyjw0tOA%2BQZIXaSvZ2SPxsa0H79dfOiWL3V%2B%2FrrFvtoqDRCHmDheoLhw%2FL1eB7%2FEqrwA2pt%2B4bse2koU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif
cf-ray: 738f7a54b91ebb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jmpep80top.gif
1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/jmpep80top/banner.gif
https://img.root-top.com/topsite/jmpep80top/banner.gif
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

45 KB
45 KB

75ms
40ms

Image
image/gif

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:26:29 GMT
x-content-type-options: nosniff
age: 9659
content-disposition: inline;filename="jmpep80top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46098
x-xss-protection: 0
server: fife
etag: "v20cb"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 12 May 2022 04:16:01 GMT

Redirect headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esHYOZ%2F9EVdvO6uIjOyvdMIBcwSpIWcr3t5pH5hXZi%2BsxoyuA2npYPS8gnJM7XOOZWVGLtGG1lzlDfFUkhI1lsZyPyd%2BPjYr8cetOL0O%2F2Evkr3%2Blcy7mfQxZiKHnqIToGk7Mik4vKSx6EsXWoYr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif
cf-ray: 738f7a55097bbb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

banner.gif
img.root-top.com/topsite/dada/
Redirect Chain

http://img.root-top.com/topsite/dada/banner.gif
https://img.root-top.com/topsite/dada/banner.gif

8 KB
8 KB

24ms
24ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/dada/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1eca536396664549fc8003c5eceae528d5fc278b07ba370084d6cb17cdfa2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7909
last-modified: Thu, 11 Aug 2022 07:05:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrsPU0mgN%2F%2Fu52viPJxbU7W%2BsDhE27GM8YdSncj99BKy2%2FtTcz7uty8OFNwCS04Zy%2B%2Fef5Mtd5kJ4xaG4xekf1GFLR3GV20UmvlFUbkB%2BnwKKraSgdQfXUGHKhQktV75PXwXu507EpIISEa6lc74"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a5549d4bb80-FRA
expires: Sun, 14 Aug 2022 07:05:22 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66u14kjMN4V8VvevFLTNNQo3Fr5GmbzEvvY2ip%2Fr%2Blw4USyJb11UztBCk3bPCXgtqG83Vt%2FA3z%2FjxQOr4HlOGabh5v7vyQNyqKEqLIx1uMNl2MZOMTrHQP5y4Nn7RKZp%2F4r0%2B%2FMzVpMaHN8zmCV%2F"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/dada/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a54ddb49b45-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1

200
OK

bouton_RT1.gif
www.root-top.com/images/
Redirect Chain

http://img.root-top.com/topsite/classement_general/banner.gif
https://img.root-top.com/topsite/classement_general/banner.gif
http://www.root-top.com/images/bouton_RT1.gif

3 KB
3 KB

77ms
31ms

Image
image/gif

195.210.43.68
MFX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.root-top.com/images/bouton_RT1.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

195.210.43.68 , France, ASN39506 (MFX-AS, FR),

Reverse DNS

aap1.createur-internet.com

Software

Apache /

Resource Hash

235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2009 17:33:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "cba-4795db1939040-gzip"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2433
Expires: Sat, 10 Sep 2022 08:07:29 GMT

Redirect headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FKjv%2Bm5dpeKeBkfXY9%2BtkAdZMliawJqaOirXrliY1tDjlvEmJmBoosWY5vio%2BTT6SRXFsHc2Io6bNLWMCgrowAcp0%2F9kCOKA3V2%2FdWUPabJWzH8qlZBGybTZX%2FP%2BWIXtUaUk5Yca9%2BwO3dmt%2FEu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.root-top.com/images/bouton_RT1.gif
cf-ray: 738f7a5559e6bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

baseprono.gif
1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/baseprono/banner.gif
https://img.root-top.com/topsite/baseprono/banner.gif
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

76 KB
76 KB

128ms
43ms

Image
image/gif

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:20:10 GMT
x-content-type-options: nosniff
age: 2839
content-disposition: inline;filename="baseprono.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77950
x-xss-protection: 0
server: fife
etag: "v20bc"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:11:04 GMT

Redirect headers

date: Thu, 11 Aug 2022 08:07:29 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTVebttf8H3vuVLIHCcPDcmoSGp%2FCqKtELVMxgox4U3mFBCeM%2BK8m6k1Bq%2FZdTOpxo0OOLl6XogcGOcj%2B5XgsywLcJZct8hsJCOnGP%2BKrMiNeo54xmd%2B50mI0R6E41H0aeowV2v2IwUfQgpDPZGq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif
cf-ray: 738f7a55aa58bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

banner.gif
img.root-top.com/topsite/turfaunet/
Redirect Chain

http://img.root-top.com/topsite/turfaunet/banner.gif
https://img.root-top.com/topsite/turfaunet/banner.gif

9 KB
10 KB

27ms
27ms

Image
image/gif

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfaunet/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f311f7da8400d8563707fca9b07327d25f00f2101a6d1180d90bad9d7608d7f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9220
last-modified: Mon, 08 Aug 2022 18:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v1Q2hVjVrqBP7CnmZ3fr8H7va3wiZYBd4SEY06U2jotKAIMLb00jsaME%2FroPdNE3BlOw5hqfW%2FgQcDopj6lrdrnph3zUdHqJZAOX%2B1s9Jz8J2JU4G%2BUVkn11%2FrprPms2zl5FS3CUV%2BDnNt0SgXo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a55aa5bbb80-FRA
expires: Thu, 11 Aug 2022 18:41:42 GMT

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 808
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHRVwq8FHoHZCRk2lxzxAZF5DYpH%2Fvu4zkviemCsxPiU0dFQVOWMd3d4Z1mvi8tEbpVizMeVt3A%2FlYSfVkbfWMfSOHhAGtQkcx7P%2BYKnZJT5MQPJqueG5p1CFAFeCRpDkUXfdAmPyVi1b55T%2FLnJ"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfaunet/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 738f7a556a3f911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H3 200 banner.gif
img.root-top.com/topsite/filibert42/ 3 KB
3 KB 43ms
22ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/filibert42/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29155cf84ba51c7db8fdfbf235524eb8f37db2d4ccd281b843f5f0f865ae8c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76601
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2955
last-modified: Wed, 10 Aug 2022 10:50:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvHXoQe%2FOXd79MDj2pU4XYVkqCqr0JfOgJYYZYMJ8Jh%2FPyNCuie699JVOrWA1x1V5FcVIO0Ic%2F3erDlLcxjOXvPz1OM%2F%2BGCN0bHRwTt2C%2BzZhsL8ASo%2BrGxYbe2uwddZNAV7k5Ge6I0F6lPe7pTn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 738f7a54a904bb80-FRA
expires: Sat, 13 Aug 2022 10:50:47 GMT

GET
H/1.0 200
OK allosponsor_88x31.gif
www.allosponsor.com/image/ 13 KB
14 KB 85ms
22ms Image
image/gif 212.83.146.214
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.allosponsor.com/image/allosponsor_88x31.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.0
Server: 212.83.146.214 , France, ASN12876 (Online SAS, FR),
Reverse DNS: allosponsor.lixium.fr
Software: Apache/2.2.22 (Debian) /
Resource Hash: 1af0b2990efdc47bdd80975ec2535fa0b19df2e5de2249899b948bc856fc8c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:27 GMT
X-Pad: avoid browser bug
X-Cache-Lookup: HIT from 212-83-146-214.rev.poneytelecom.eu:80
Last-Modified: Mon, 19 Jul 2010 11:29:10 GMT
Server: Apache/2.2.22 (Debian)
ETag: "38034e-34b9-48bbbe0974d80"
X-Cache: MISS from 212-83-146-214.rev.poneytelecom.eu
Content-Type: image/gif
Via: 1.1 212-83-146-214.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13497

GET
H/1.1 403
Forbidden button1.php
www.uhit.eu/ 0
0 215ms
29ms Image
text/html 185.154.136.89
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.uhit.eu/button1.php?u=titro-turf
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Server: 185.154.136.89 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H/1.1 200
OK 88x31blogs.gif
blogs.netoo.com/pub/ 2 KB
2 KB 518ms
17ms Image
image/gif 188.165.42.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://blogs.netoo.com/pub/88x31blogs.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Server: 188.165.42.17 , France, ASN16276 (OVH, FR),
Reverse DNS: comix.netoo.net
Software: Apache /
Resource Hash: 1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:29 GMT
Last-Modified: Sat, 19 Aug 2006 17:03:45 GMT
Server: Apache
ETag: "420013-795-41b61dc153e40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1941

GET
H/1.1 200
OK topliens.gif
www.rapidoweb.free.fr/images/ 2 KB
2 KB 90ms
16ms Image
image/gif 212.27.63.105
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rapidoweb.free.fr/images/topliens.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Server: 212.27.63.105 , France, ASN12322 (PROXAD, FR),
Reverse DNS: perso105-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Fri, 21 Mar 2003 16:40:46 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "2b8d6b-831-3e7b408e"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2097

GET
H/1.0 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 1 KB
1 KB 280ms
25ms Script
text/html 212.83.146.214
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.0
Server: 212.83.146.214 , France, ASN12876 (Online SAS, FR),
Reverse DNS: allosponsor.lixium.fr
Software: Apache/2.2.22 (Debian) /
Resource Hash: 810ce18253e43103b2ba827bfb9046e257cbb70060ef36b30208d59ee159463f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Via: 1.1 212-83-146-214.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-146-214.rev.poneytelecom.eu:80
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
X-Cache: MISS from 212-83-146-214.rev.poneytelecom.eu
Content-Type: text/html
Connection: close
Content-Encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 185ms
98ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa260d98ef15dd640a97df297bea9a6cd400b301b2eb94c429b6c9d8e3c7d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51506
x-xss-protection: 0
server: cafe
etag: 12126953910340930863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 08:07:28 GMT

GET
H2

200

feed Show response
www.pronostic-facile.fr/widget/originalpmu/script/
Redirect Chain

http://www.pronostic-facile.fr/widget/originalpmu/script/feed
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

245 B
910 B

95ms
62ms

Script
text/html

2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: H2
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-runtime: 1
date: Thu, 11 Aug 2022 08:07:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGoHfOfCT9YCNhFJlCJkppUlMXvLSHVlxcHS9lEGeajaIwdc1FoIMSTrzP5FRD1lHp30R%2B7XWm21dNa1FWZRSNVInwprtLXUDgJZ9WhGM5pHVtTQNDJUoOmqgBKianJeLESirn%2Bz%2FZr%2FlB2LsCSm4PMQCgIV5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 738f7a547d19bbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBgD%2B6zJn4%2FZictu5LgIAmXB0vkbgJu%2BETkmyu0Rkrcua9ICGy8WjHUzumDUYDrRuBd2AB%2BH8Oqg%2BM9W3Eg9wZFfrGGTCqrwGz6emoJ3%2B9I5Vl17ewSepr2HeamIwifnCUTHKdPXuG6rgblq8bfB4h%2FlCKO5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Connection: keep-alive
CF-RAY: 738f7a541877bb7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 148ms
147ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=2f43bdcb-85ea-4824-a19b-8a70d4464999

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Aug 2022 08:07:28 GMT
server: GSE
date: Thu, 11 Aug 2022 08:07:28 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookienotice.js Show response
original-pmu.blogspot.com/js/ 6 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/js/cookienotice.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/p/historique.html?m=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 21:21:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Aug 2022 19:03:00 GMT
Server: sffe
Age: 557130
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Thu, 11 Aug 2022 21:21:58 GMT

GET
H2 200 1698779419-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
156 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1698779419-widgets.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb53dbc485e3e4d6bd2234b33760bf386d7f930ebe6a7513ab721a84bbedbe63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 14:10:56 GMT
x-content-type-options: nosniff
age: 150992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159145
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 23:54:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 09 Aug 2023 14:10:56 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 149 KB
51 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e22adf0ae6a037f66cb815bf64a33b2da2ff9afaee90245c59bf457b07670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 12:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51941
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 12:35:08 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 52 KB
16 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d06e3f17ca2424cc612b2e437ac5db9e8c997585208c363e8996810a9bcd30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 19:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16717
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 19:24:14 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
657 B 78ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 07:44:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1404
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Thu, 25 Aug 2022 07:44:04 GMT

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

1 MB
1 MB

199ms
108ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1209057
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:07:28 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 08:07:28 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 white80.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
233 B 131ms
130ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/white80.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:12:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 00:54:58 GMT
server: sffe
age: 57328
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Aug 2022 16:12:00 GMT

GET
H2 200 header_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 424 B
538 B 132ms
131ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:13:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 06:54:16 GMT
server: sffe
age: 600857
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 11 Aug 2022 09:13:11 GMT

GET
H2 200 tabs_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 185 B
298 B 132ms
132ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/tabs_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 17:00:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:54:31 GMT
server: sffe
age: 54410
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 185
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Aug 2022 17:00:38 GMT

GET
H/1.1 200
OK tDbM2oWUg0MKoZw1-LPK8w.woff2
fonts.gstatic.com/s/arvo/v20/ 17 KB
18 KB 77ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/arvo/v20/tDbM2oWUg0MKoZw1-LPK8w.woff2

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Origin: http://original-pmu.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 17:39:17 GMT
X-Content-Type-Options: nosniff
Age: 52091
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 17300
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 18:49:01 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 10 Aug 2023 17:39:17 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame F674 7 KB
3 KB 149ms
149ms Document
text/html 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&targetPageID=2013672088851487148&blogPostOrPageUrl=http://original-pmu.blogspot.com/p/historique.html%3Fm%3D0&vt=2277868479629362323&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61f991b7959b1a2a0bb2464320c2fb5480fb732d1b4f28b0430373a967e1c873

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2654
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 08:07:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK geocounter_iframe_css_64.php Show response
geoloc5.geovisite.ovh/private/ Frame A503 160 KB
161 KB 115ms
79ms Document
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 934ef72084e1b0e1b4da00e030899b03d7968716285e4ae4a9447a1bfcfa1297

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 08:07:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK pointeur.gif
geoloc5.geovisite.ovh/private/geoloc/ 43 B
257 B 65ms
24ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/private/geoloc/pointeur.gif?|9279n1qjl1j2||1200*1600|windows|en|24|1660205259|||chrome|104||DE|50.104900|8.629500|Frankfurt+Am+Main|31173+Services+AB|1660205248|geocounter|0|1660205248|||http%3A//original-pmu.blogspot.com/p/historique.html%3Fm%3D0|NULL
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Tue, 04 Mar 2008 08:22:49 GMT
Server: lighttpd/1.4.54
Accept-Ranges: bytes
ETag: "2777121996"
Content-Length: 43
Content-Type: image/gif

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 577ms
576ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=2f43bdcb-85ea-4824-a19b-8a70d4464999

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Aug 2022 08:07:29 GMT
server: GSE
date: Thu, 11 Aug 2022 08:07:29 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame F674 52 KB
20 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&targetPageID=2013672088851487148&blogPostOrPageUrl=http://original-pmu.blogspot.com/p/historique.html%3Fm%3D0&vt=2277868479629362323&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38dd27743a0c680c8b8c13fc5de0d2100dec8476a0e436572ad4a7922b44fdcb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20370
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 11 Aug 2022 08:07:28 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "39e479b6add6900e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 08:07:28 GMT

GET
H/1.1 200
OK taght2.php Show response
www.axis-medias.fr/ Frame CA7C 0
202 B 108ms
63ms Document
text/html 194.150.236.222
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.axis-medias.fr/taght2.php
Requested by: Host: www.hebdotop.com
URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425
Protocol: HTTP/1.1
Server: 194.150.236.222 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns62.hiwit.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 08:07:27 GMT
Keep-Alive: timeout=15, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.0 200
OK vote75211.eur
www.hebdotop.com/cgi-bin/ 181 B
501 B 21ms
21ms Image
image/png 212.83.146.214
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hebdotop.com/cgi-bin/vote75211.eur?id=303425
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0
Protocol: HTTP/1.0
Server: 212.83.146.214 , France, ASN12876 (Online SAS, FR),
Reverse DNS: allosponsor.lixium.fr
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Via: 1.1 212-83-146-214.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-146-214.rev.poneytelecom.eu:80
Server: Apache/2.2.22 (Debian)
Connection: close
X-Cache: MISS from 212-83-146-214.rev.poneytelecom.eu
Content-Type: image/png

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame F674 907 B
930 B 41ms
40ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:17:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 09:52:54 GMT
server: sffe
age: 161421
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Aug 2022 11:17:07 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame F674 117 B
140 B 41ms
41ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 15:53:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Aug 2022 23:56:09 GMT
server: sffe
age: 576816
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 11 Aug 2022 15:53:52 GMT

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/originalpmu/feed/ Frame E821 15 KB
6 KB 147ms
126ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/originalpmu/script/feed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b962870b0af11c88f198e9cb82881d673ce83eee531f1573f8b31b07872717f

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 738f7a55eb818ff2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 08:07:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P6DwX%2BUGSovxC4%2B2gpuAFZtY%2BDmUzyY5KW5fWH8Mp7PO1qn53dne1tKHMqoc9zRwzMS83XCJWWBoklajtcRxtb3Yjc9CwjxtP%2FFTnxWlbO7DwKB6Hdni7xe3OIEfcTMeE4xwcvkVtPn7CUlMeVrjYJa%2Bs8O2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 62

GET
H3 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
119 B 41ms
41ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:50:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 22:52:28 GMT
server: sffe
age: 112590
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Aug 2022 00:50:58 GMT

GET
H/1.1 200
OK casquette.png
geoloc5.geovisite.ovh/skin/geocounter/ Frame A503 4 KB
5 KB 19ms
19ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/casquette.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Tue, 14 Apr 2015 12:26:12 GMT
Server: lighttpd/1.4.54
ETag: "303213619"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 4348
Expires: Fri, 26 Aug 2022 08:07:28 GMT

GET
H/1.1 200
OK loupe30.png
geoloc5.geovisite.ovh/skin/png/ Frame A503 30 KB
31 KB 57ms
36ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Mon, 15 Jan 2007 09:45:09 GMT
Server: lighttpd/1.4.54
ETag: "3728015203"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 31101
Expires: Fri, 26 Aug 2022 08:07:28 GMT

GET
H/1.1 200
OK loupe30.cur
geoloc5.geovisite.ovh/skin/png/ Frame A503 4 KB
4 KB 50ms
18ms Image
application/octet-stream 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.cur
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Thu, 16 Apr 2015 09:42:42 GMT
Server: lighttpd/1.4.54
ETag: "1268945244"
Content-Type: application/octet-stream
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 3782
Expires: Fri, 26 Aug 2022 08:07:28 GMT

GET
H/1.1 200
OK globe.gif
geoloc5.geovisite.ovh/skin/geocounter/ Frame A503 168 KB
168 KB 53ms
18ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/globe.gif
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:07:28 GMT
Last-Modified: Tue, 28 Apr 2015 14:03:22 GMT
Server: lighttpd/1.4.54
ETag: "343773560"
Content-Type: image/gif
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 171894
Expires: Fri, 26 Aug 2022 08:07:28 GMT

GET
DATA 200
OK truncated
/ Frame A503 118 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 442e7c11899021970d4d6c6068c57074c745a1fe624ec513458988a20a30f82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ Frame F674 128 KB
42 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e221278f830690a97288800fa8740a3022cb1c142f0ad7e8a1f93705fb92a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42670
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 05:32:31 GMT

GET
H2 200 rss-fp-1612893811.png
cdn3.pronostic-facile.fr/images/icones/16x16/ Frame E821 739 B
1 KB 72ms
26ms Image
image/png 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8290
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 739
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FKQ63snoHyJAZIFgwGlRxrd1d9YLSsiRSJvq9DUkzayqPEO4ANrR%2B7WrScV2fq19VbHpWTwmRShtNKCq4t2qvUJO7YQlvuWTFBruKkVoyvWxMD0%2Fh0ZgUwscqDUDyhDYTO0pef41SvhzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 738f7a5709a1bbec-FRA
x-amz-cf-id: tAHTHCSzKSpK3yTB5Sbgf8b9iRVHSTKImZ_VtkgokQMGrf80FAP9Hg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E821 106 KB
41 KB 156ms
51ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78ff7c56ec6999c1f24ba88038aebe4611d541dfc036b5296c04ed1c45f0f99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41881
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 08:07:29 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame E821 14 KB
5 KB 99ms
55ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 738f7a570dff68eb-FRA

GET
DATA 200
OK truncated
/ Frame E821 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 179ms
81ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8263322827066722&plah=original-pmu.blogspot.com&bust=31068911

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05ce7ca2d49667ca6f315a1793e4f9e40e9961236cb11e435e56ba223589474f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122758
x-xss-protection: 0
server: cafe
etag: 5781092526202806645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 08:07:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/ Frame 2A89 10 KB
5 KB 140ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:24:33 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 20:24:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E821 49 KB
20 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3929
date: Thu, 11 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 09:02:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 145ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=original-pmu.blogspot.com&callback=_gfp_s_&client=ca-pub-8263322827066722

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8263322827066722&plah=original-pmu.blogspot.com&bust=31068911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6c02a83b1c94fd5c70ae95bde01c58c080ac84f1b587084bff47a6776649f63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=original-pmu.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=original-pmu.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2Fp%2Fhistorique.html%3Fm%3D0&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/p/historique.html?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 08:07:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF5B 603 B
68 B 152ms
72ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263322827066722&output=html&adk=1812271804&adf=3025194257&lmt=1660173574&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2Fp%2Fhistorique.html%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1660205249112&bpp=2&bdt=664&idt=280&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510178694151&frm=20&pv=2&ga_vid=1952944.1660205249&ga_sid=1660205249&ga_hid=2109873698&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C31068911%2C31068920&oid=2&pvsid=3401699042700048&tmod=1655231454&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 08:07:29 GMT
expires: Thu, 11 Aug 2022 08:07:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame E821 0
172 B 17ms
17ms XHR
text/plain 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.pronostic-facile.fr
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 738f7a591f6d8ff2-FRA
vary: Origin

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 175ms
89ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c094b4e6ed5e1418e8abeda34366eca03bef7a3832c8d44fbcd8167e064064c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11169
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 155ms
52ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 08:07:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 70BB 13 KB
5 KB 123ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 07:47:05 GMT
expires: Fri, 11 Aug 2023 07:47:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 333A 783 B
1 KB 190ms
107ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6cefd8b6ed125397c0d937e2422ce16718d1042505442ea1bdb9217b21f6b34b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LU0E_s9FcaThkPuuvwHtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-LU0E_s9FcaThkPuuvwHtFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 08:07:30 GMT
expires: Thu, 11 Aug 2022 08:07:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame 70BB 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 07:58:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 70BB 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HDVMZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:07:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 333A 0
0 76ms
75ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=3401699042700048&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=3401699042700048&bg=!ICOlI2fNAAa4hXTbmIU7ACkAdvg8Wp9OYae6L8Budm5jCIIZifmb9nSF6r5wgm4wJlDxjtMMHAzpCgIAAABhUgAAAAJoAQeZAtoE2Q356Ftfuiv4O0Dv0YEXxbMW7O7QsG5OtbwFoB-1ntBqdLdW-k_I75EUR-mpIrNiLwwPsaQDOGoGZGTyGxHJfSFtb8SrpW1ieiXqnvNp8v7kUxZbEgsPY3O2JMi_8RpABLAkjjrWYUPrH8_lJP4OOIykAl3oUr2KQgumOBgxr3Msv5f0hIE3m8_Tl_qvh33ATATST6p8PlGwuZRBXSuI1khZ9LqXx1BhUqI1c4OLYZJAPYCtVaYSd_hu4DFMU0pzk2bw6i0jemz4sDZ8t_Yj2KySYon2WjJGNu51-4mQh4AW8C0auYgjPc68aV0yOD8vDe9NzqJ-6TvTNXGxreCaqpl84u8qFMbDKEoAqrgjYLQVLBF7y38aKJn9XHbv9ba00L_Hlf5XPh3KvHrPZBmwQGMV2k8EDGJn4HxnO_o2qIaDXK7iAMWG6hylpfW5ZDg-J5bP8WscdsOatchpDK-tpJYeC2coaKqsSCvb2r-IEtG__ZqB_PGYaSz0ubCMWzMkyPl55BY8odKcw7Ar7NFyoIpkl3bpescqe7UV3CHo1xBKZmxPjZiWcVH4CLknBc3GSFspgqYosZ6z5oJ0K7m7oHHB2IJiIq_B9ibeurLslVOqSpL8GbI-hPui0TP6e_V24ukceJw-8DQov7aQ4qeQgaZ_A58efQUTdJUKq7EDnXXvnomfMiUXW4kEY3vp_wf9JZSQhU7tcOthgZv1EcaFnBSOIZMB6_r0G2GZYJ2IrFy9lqlaJQdWk_yqZIDuqOvR8qFpikZSmryGzuOdE1kS9qKFy8rl-1pDy6wRTv7C_TROCb7gKMhntPaGRUt3HFK-9w3vRWalLMsbPF7G_1ZS9Aa0Jb3UJQypOnEjsVXASW4fVc52rgMVFJaJuMgGjY8aWTwv6VXu_9ZC_p7aOenMvvsHb3bsNRZcBb_A3e-kBlJL3KUHW6BiH6Lmj33rwE7dC_U6Nmxli230
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			original-pmu.blogspot.com/	1970-01-20 05:20:10	Name: acceptcookie Value: ok
			.doubleclick.net/	1970-01-20 05:10:06	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.uhit.eu/button1.php?u=titro-turf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
apis.google.com
blogs.netoo.com
cdn3.pronostic-facile.fr
fonts.gstatic.com
geoloc5.geovisite.ovh
gifs.hurgon.fr
googleads.g.doubleclick.net
img.root-top.com
nsm08.casimages.com
original-pmu.blogspot.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
static.cloudflareinsights.com
themes.googleusercontent.com
tpc.googlesyndication.com
www.allosponsor.com
www.axis-medias.fr
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hebdotop.com
www.pronostic-facile.fr
www.rapidoweb.free.fr
www.root-top.com
www.uhit.eu
142.250.184.226
185.154.136.89
188.165.42.17
194.150.236.222
195.210.43.68
212.27.63.105
212.83.146.214
2606:4700:3034::6815:15de
2606:4700:3038::6815:ea1b
2606:4700:440e::ac40:9c1a
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2009
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
54.36.176.112
62.210.16.61
91.121.164.142
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
05ce7ca2d49667ca6f315a1793e4f9e40e9961236cb11e435e56ba223589474f
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0f230e923c1b3803f0617015b2a0ab31286a14ca8c1cac61a675182b8e9250dc
1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711
14b9c606918a1d5b50a216f227ccc487dbf7c64b818658b971594ffe3370d1f4
1af0b2990efdc47bdd80975ec2535fa0b19df2e5de2249899b948bc856fc8c0b
1d8b3a53f756e3f1a1c02f695b0026b9f3799c236097cea47e32bb88b3227b9c
2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7
235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2b962870b0af11c88f198e9cb82881d673ce83eee531f1573f8b31b07872717f
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
38dd27743a0c680c8b8c13fc5de0d2100dec8476a0e436572ad4a7922b44fdcb
40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262
43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5
442e7c11899021970d4d6c6068c57074c745a1fe624ec513458988a20a30f82f
45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
4f58d15e1605cf35f788e4fa3425f6af4d9f058923d4b63b519a92008d29eb44
4fafa286bc227543651f0c6c69490d406e8b118a546c92d08f749818286adf66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2
58d06e3f17ca2424cc612b2e437ac5db9e8c997585208c363e8996810a9bcd30
5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f991b7959b1a2a0bb2464320c2fb5480fb732d1b4f28b0430373a967e1c873
6540b42f6622cb9aafc7bed04ee1de25ae3d42da419ead512a41acd3697bc418
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0
6c02a83b1c94fd5c70ae95bde01c58c080ac84f1b587084bff47a6776649f63c
6cefd8b6ed125397c0d937e2422ce16718d1042505442ea1bdb9217b21f6b34b
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
78ff7c56ec6999c1f24ba88038aebe4611d541dfc036b5296c04ed1c45f0f99c
7c094b4e6ed5e1418e8abeda34366eca03bef7a3832c8d44fbcd8167e064064c
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7e221278f830690a97288800fa8740a3022cb1c142f0ad7e8a1f93705fb92a7a
7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39
810ce18253e43103b2ba827bfb9046e257cbb70060ef36b30208d59ee159463f
8122ef526dd1514294b203b07632bf4d8cd3924e863c84967ef4e530fd4e6df1
934ef72084e1b0e1b4da00e030899b03d7968716285e4ae4a9447a1bfcfa1297
9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460
9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a936337024d0feebe9019bd27b622336fbde4569666a9fb7e72fd12302042851
aefefcd184ede20f9c3ccf577ae3158948b389a3fbbed05916b98847003f4da8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6049bb33ca3a57d6ef6368c2bf253e98a7fba1c45f173450806fc9fc187d06d
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c29155cf84ba51c7db8fdfbf235524eb8f37db2d4ccd281b843f5f0f865ae8c7
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfa260d98ef15dd640a97df297bea9a6cd400b301b2eb94c429b6c9d8e3c7d61
e1eca536396664549fc8003c5eceae528d5fc278b07ba370084d6cb17cdfa2b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f311f7da8400d8563707fca9b07327d25f00f2101a6d1180d90bad9d7608d7f3
f70e22adf0ae6a037f66cb815bf64a33b2da2ff9afaee90245c59bf457b07670
fb53dbc485e3e4d6bd2234b33760bf386d7f930ebe6a7513ab721a84bbedbe63
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

original-pmu.blogspot.com Open in urlscan Pro 2a00:1450:4001:82b::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

63 %HTTPS

62 %IPv6

24 Domains

30 Subdomains

27 IPs

3 Countries

2500 kBTransfer

3452 kBSize

2 Cookies

52 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:4001:82b::2001 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

63 %
HTTPS

62 %
IPv6

24
Domains

30
Subdomains

27
IPs

3
Countries

2500 kB
Transfer

3452 kB
Size

2
Cookies

73 HTTP transactions
2 data transactions