turfvoyance.blogspot.com Open in urlscan Pro
172.217.16.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turfvoyance.blogspot.com/?m=1
Submission: On October 05 via manual (October 5th 2021, 4:39:33 pm UTC) from ML — Scanned from DE

Summary HTTP 52 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 52 HTTP transactions. The main IP is 172.217.16.129, located in United States and belongs to GOOGLE, US. The main domain is turfvoyance.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on September 13th 2021. Valid for: 2 months.

This is the only time turfvoyance.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1 10	172.217.18.105 172.217.18.105	15169 (GOOGLE) (GOOGLE)
16	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	51.254.50.144 51.254.50.144	16276 (OVH) (OVH)
1	178.33.10.30 178.33.10.30	16276 (OVH) (OVH)
2	213.246.57.128 213.246.57.128	21409 (IKOULA) (IKOULA)
6	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
3	104.21.21.222 104.21.21.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.254.1.54 178.254.1.54	42730 (EVANZOAS) (EVANZOAS)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1 1	142.250.74.141 142.250.74.141	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
4 4	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
52	18

1 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

turfvoyance.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.105 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f105.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.254.50.144 (France)

ASN16276 (OVH, FR)
PTR: ip144.ip-51-254-50.eu

www.maxannu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.33.10.30 (France)

ASN16276 (OVH, FR)
PTR: ip30.ip-178-33-10.eu

www.top-france.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.246.57.128 (France)

ASN21409 (IKOULA, FR)
PTR: www.allosponsor.com

www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.21.222 (None, )

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital

www.zeitverschiebung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.141 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.132 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googleusercontent.com lh5.googleusercontent.com lh4.googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	144 KB
11	google.com 5 redirects apis.google.com accounts.google.com www.google.com	176 KB
7	blogger.com 1 redirects www.blogger.com	198 KB
3	pronostic-facile.fr www.pronostic-facile.fr cdn2.pronostic-facile.fr	8 KB
3	blogblog.com resources.blogblog.com	1 KB
3	blogspot.com turfvoyance.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	58 KB
2	google-analytics.com www.google-analytics.com	39 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	97 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	46 KB
2	hebdotop.com www.hebdotop.com	945 B
2	paypalobjects.com www.paypalobjects.com	2 KB
1	zeitverschiebung.net www.zeitverschiebung.net	2 KB
1	top-france.com www.top-france.com	2 KB
1	maxannu.com www.maxannu.com	7 KB
52	15

	Domain	Requested by
7	www.blogger.com	1 redirects turfvoyance.blogspot.com www.blogger.com apis.google.com
6	apis.google.com	turfvoyance.blogspot.com apis.google.com www.blogger.com
6	lh3.googleusercontent.com	turfvoyance.blogspot.com www.blogger.com
4	www.google.com	4 redirects
4	lh4.googleusercontent.com	turfvoyance.blogspot.com
3	resources.blogblog.com	turfvoyance.blogspot.com
3	lh6.googleusercontent.com	turfvoyance.blogspot.com
3	lh5.googleusercontent.com	turfvoyance.blogspot.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.zeitverschiebung.net www.pronostic-facile.fr
2	www.pronostic-facile.fr	turfvoyance.blogspot.com www.pronostic-facile.fr
2	www.hebdotop.com	turfvoyance.blogspot.com
2	www.paypalobjects.com	turfvoyance.blogspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn2.pronostic-facile.fr	www.pronostic-facile.fr
1	ajax.googleapis.com	www.zeitverschiebung.net
1	fonts.googleapis.com	www.zeitverschiebung.net
1	accounts.google.com	1 redirects
1	www.gstatic.com	apis.google.com
1	www.zeitverschiebung.net	turfvoyance.blogspot.com
1	1.bp.blogspot.com	turfvoyance.blogspot.com
1	www.top-france.com	turfvoyance.blogspot.com
1	www.maxannu.com	turfvoyance.blogspot.com
1	3.bp.blogspot.com	turfvoyance.blogspot.com
1	turfvoyance.blogspot.com
52	25

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.succes-turf.com
www.rapidoweb.free.fr
www.maxannu.com
www.top-france.com
www.hebdotop.com
www.zeitverschiebung.net

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-08` - `2022-01-11`	6 months	crt.sh
maxannu.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
top-france.com R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
www.hebdotop.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-09` - `2022-02-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
zeitverschiebung.net R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 4 frames:

Primary Page: https://turfvoyance.blogspot.com/?m=1
Frame ID: 29F2311AD7AC089328D504B985AF0C11
Requests: 33 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
Frame ID: 32620C9BA8231E05E45912B2F044C046
Requests: 6 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Frame ID: 82CD1A81D7CB6108154F6F8D093C3C88
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
Frame ID: DF4467C6DA56558DFB3E13D2D6C5AE6B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turfvoyance: le site de référenceTurfvoyance: le site de référence pronostic 100% fiable

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

855 kB
Transfer

1588 kB
Size

1
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/12604722461568637656
Title: Turfvoyance

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=7425961868338740267

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=7425961868338740267&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=7425961868338740267&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=7425961868338740267&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=7425961868338740267&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=7425961868338740267&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=2905063587603806374

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2905063587603806374&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2905063587603806374&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2905063587603806374&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2905063587603806374&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2905063587603806374&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=4108766957434743450

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4108766957434743450&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4108766957434743450&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4108766957434743450&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4108766957434743450&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4108766957434743450&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.succes-turf.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=2080

Search URL Search Domain Scan URL

URL: https://www.maxannu.com/turf/

Search URL Search Domain Scan URL

URL: https://www.top-france.com/humour-et-jeux/

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/partenaires/hit.php3?sp=997

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Signaler un abus

Search URL Search Domain Scan URL

URL: https://www.zeitverschiebung.net/fr/timezone/europe--paris
Title: Heure actuelleEurope/Paris

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https://turfvoyance.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.yUoUa-d8e1E.O/am%253DAQ/d%253D1/rs%253DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.yUoUa-d8e1E.O/am%253DAQ/d%253D1/rs%253DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/m%253D__features__%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Request Chain 47

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Request Chain 48

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Request Chain 49

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Request Chain 50

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5 HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
turfvoyance.blogspot.com/ 194 KB
22 KB 378ms
338ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

GSE /

Resource Hash

9acc58f2cfe9b4e3e89fdca2227f538513c7caa7e13f2cccba968898b1aa62e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: turfvoyance.blogspot.com
:scheme: https
:path: /?m=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Tue, 05 Oct 2021 16:39:28 GMT
date: Tue, 05 Oct 2021 16:39:28 GMT
cache-control: private, max-age=0
last-modified: Tue, 05 Oct 2021 13:35:56 GMT
etag: W/"77dfafb85a8193218672c2342ebd1c29d62d25de3ebf6ed0ec0ab6ba176e295b"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22152
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 58ms
7ms Stylesheet
text/css 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 12:19:36 GMT
x-content-type-options: nosniff
age: 361193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36164
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 17:53:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 01 Oct 2022 12:19:36 GMT

GET
H2 200 fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d
lh5.googleusercontent.com/proxy/ 104 KB
104 KB 30ms
7ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

b924a89c3df9d7892c99e150bba066edccbdecef4f8bf74b476ffaa2bdbe8851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106042
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 btn_buynowCC_LG.gif
www.paypalobjects.com/fr_XC/i/btn/ 2 KB
2 KB 78ms
9ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/btn/btn_buynowCC_LG.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e42337df62f1403bd434f1a1b7118653a05fc9471d2a002757b711cb0f5a580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 293
etag: "DU+OAt8hF7VPs+tf/LVK6MxM3aPIGIKzeIBCy01Eg6g"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Sat, 11 Sep 2021 05:16:00 GMT
content-length: 1832
server: Akamai Image Manager
expires: Wed, 06 Oct 2021 04:39:29 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/fr_XC/i/scr/ 42 B
320 B 80ms
11ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/scr/pixel.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 198
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 03 Oct 2021 02:07:40 GMT
content-length: 42
server: Akamai Image Manager
expires: Wed, 06 Oct 2021 04:39:29 GMT

GET
H2 200 AtteleAnim_70.gif
3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/ 6 KB
7 KB 45ms
21ms Image
image/gif 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/AtteleAnim_70.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="AtteleAnim_70.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6512
x-xss-protection: 0
server: fife
etag: "v7a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 07:51:08 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7
lh4.googleusercontent.com/proxy/ 225 B
630 B 32ms
8ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d
lh4.googleusercontent.com/proxy/ 225 B
283 B 33ms
8ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

c40737ab0f7b9851d02b03379e9d6af0fba4e5eb019b4b46f41bf082f30e4f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d
lh6.googleusercontent.com/proxy/ 257 B
319 B 31ms
7ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

9db2a7a50b8cdcfe3192021aa62cbe226b000b2a20a97bb1ec55cc0f09063e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d
lh6.googleusercontent.com/proxy/ 143 B
552 B 31ms
7ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

fa57613eb7d2d2cb527d5d4e8b2a8df15a1d531a0b1e107fdd091c0ccb315f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d
lh4.googleusercontent.com/proxy/ 204 B
291 B 32ms
8ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

86639faa42cfeb641a66087cc2d061917c8e266ed8fb979c94073acb0e7ace9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d
lh3.googleusercontent.com/proxy/ 2 KB
3 KB 59ms
17ms Image
image/jpeg 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

ddd47a698d39264398af9849fc6f06bac4981120eb38e8ec4ea5575127f929c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2269
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 126ms
110ms Stylesheet
text/css 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=969a5312-25bb-40fd-b77b-c725128e6ef8

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 16:39:29 GMT
server: GSE
date: Tue, 05 Oct 2021 16:39:29 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13
lh4.googleusercontent.com/proxy/ 225 B
283 B 8ms
6ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H2 200 icon18_email.gif
resources.blogblog.com/img/ 164 B
286 B 43ms
8ms Image
image/gif 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_email.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 00:57:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Oct 2021 18:21:18 GMT
server: sffe
age: 315736
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Oct 2021 00:57:13 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
541 B 8ms
7ms Image
image/png 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 03:35:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 16:52:15 GMT
server: sffe
age: 47036
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 12 Oct 2021 03:35:33 GMT

GET
H2 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
208 B 9ms
8ms Image
image/png 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:27:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 16:52:06 GMT
server: sffe
age: 443521
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 07 Oct 2021 13:27:28 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 21ms
7ms Image
image/png 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 18:02:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 15:58:35 GMT
server: sffe
age: 599824
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Oct 2021 18:02:25 GMT

GET
H3 200 1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d
lh5.googleusercontent.com/proxy/ 11 KB
11 KB 17ms
17ms Image
image/png 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

d365063fef243178c3ea167b64837bc5e23aa5b5a6d1f1b21fbf9e9ce57de54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:49 GMT
x-content-type-options: nosniff
server: fife
age: 9640
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11593
x-xss-protection: 0
expires: Wed, 06 Oct 2021 13:58:49 GMT

GET
H3 200 f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d
lh6.googleusercontent.com/proxy/ 2 KB
2 KB 17ms
17ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:40:55 GMT
x-content-type-options: nosniff
server: fife
age: 7114
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2097
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:40:55 GMT

GET
H/1.1 200
OK max88.gif
www.maxannu.com/ 7 KB
7 KB 98ms
14ms Image
image/gif 51.254.50.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maxannu.com/max88.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.254.50.144 , France, ASN16276 (OVH, FR),

Reverse DNS

ip144.ip-51-254-50.eu

Software

Apache / PleskLin

Resource Hash

d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 16:39:30 GMT
ETag: "1acd-499a8d6f860c0"
Last-Modified: Wed, 12 Jan 2011 16:39:07 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6861
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Nov 2021 16:39:30 GMT

GET
H/1.1 200
OK top88.png
www.top-france.com/ 2 KB
2 KB 115ms
15ms Image
image/png 178.33.10.30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-france.com/top88.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.33.10.30 , France, ASN16276 (OVH, FR),

Reverse DNS

ip30.ip-178-33-10.eu

Software

Apache / PleskLin

Resource Hash

0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 16:39:29 GMT
ETag: "67f-589037095a746"
Last-Modified: Thu, 16 May 2019 16:05:50 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1663
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Nov 2021 16:39:29 GMT

GET
H/1.1 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 436 B
556 B 78ms
18ms Script
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: f93d9810e02e9d19e743bfc568bdb31753d9a8c80fb57b3ff50528769b6fc6d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 16:39:26 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100

GET
H3 200 sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d
lh5.googleusercontent.com/proxy/ 4 KB
4 KB 17ms
16ms Image
image/gif 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

9889200c7ec80cac7bb7d798b73be56cd2c55fcc80a25203e285af3032351878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:23:56 GMT
x-content-type-options: nosniff
server: fife
age: 8133
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4026
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:23:56 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 78ms
42ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dDQ+Tym4grzh31q6FGcyUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-dDQ+Tym4grzh31q6FGcyUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Tue, 05 Oct 2021 16:39:29 GMT

GET
H2 200 pmummmmmm.jpg
1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/ 30 KB
30 KB 8ms
7ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/pmummmmmm.jpg

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:57:24 GMT
x-content-type-options: nosniff
age: 9725
content-disposition: inline;filename="pmummmmmm.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30224
x-xss-protection: 0
server: fife
etag: "v3b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 07:51:08 GMT

GET
H2 200 feed Show response
www.pronostic-facile.fr/widget/turfvoyance/script/ 245 B
940 B 80ms
52ms Script
text/html 104.21.21.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.21.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 1
date: Tue, 05 Oct 2021 16:39:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58mzjlMJukCHLDldZlDD9hhOwMjckWGK4pwiWBd%2BGFPzwq2EUbIJVxtQ%2Fx%2FkhhvIFoc3m1z2%2FEz0eWK2%2Fb16589kYt2CLUsIiyKbZG3Wi5cndpn6w8yDUm5WcdwT4lYPVYyZizA2fkK1Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 699816171e19dfe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 963277127-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 8ms
8ms Script
text/javascript 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/963277127-widgets.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

sffe /

Resource Hash

745ee8325d0778336e2c48e1ad3ff31618ca9dd19114e82e21f3760638866a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 03:43:42 GMT
x-content-type-options: nosniff
age: 46547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 14:51:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 05 Oct 2022 03:43:42 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 112ms
111ms Stylesheet
text/css 172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=969a5312-25bb-40fd-b77b-c725128e6ef8

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 16:39:29 GMT
server: GSE
date: Tue, 05 Oct 2021 16:39:29 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vote70860.eur
www.hebdotop.com/cgi-bin/ 181 B
389 B 17ms
17ms Image
image/png 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hebdotop.com/cgi-bin/vote70860.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 16:39:26 GMT
Server: Apache/2.2.22 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 207 KB
69 KB 128ms
8ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

6f93a8fa319d2f248a5b9f574c0fa601763b24f4acca4bd936e390c532795109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70982
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:21:04 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 3 KB
683 B 124ms
7ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

8b3c05530c180765a519a01b26dd6fd03313795ffc946c5198dd1c15fa7de443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 657
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:24:21 GMT

GET
H2 200 clock-widget-iframe-v2 Show response
www.zeitverschiebung.net/ Frame 3262 5 KB
2 KB 32ms
8ms Document
text/html 178.254.1.54
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

hello-world.digital

Software

nginx / PHP/7.3.30 PleskLin

Resource Hash

3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: www.zeitverschiebung.net
:scheme: https
:path: /clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

server: nginx
date: Tue, 05 Oct 2021 16:39:29 GMT
content-type: text/html; charset=UTF-8
content-length: 1908
x-powered-by: PHP/7.3.30 PleskLin
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: BYPASS
strict-transport-security: max-age=15768000; includeSubDomains

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/turfvoyance/feed/ Frame 82CD 14 KB
6 KB 44ms
31ms Document
text/html 104.21.21.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.21.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b18e2efd4383aa0074b478ff6c944a96c520a5e64e6176c100487d363ed3552

Request headers

:method: GET
:authority: www.pronostic-facile.fr
:scheme: https
:path: /widget/turfvoyance/feed/all
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-runtime: 1
cache-control: private, max-age=0, must-revalidate
set-cookie: _pronostic_facile_session=BAh7BzoPc2Vzc2lvbl9pZCIlNjA3YzMzMzhhYTRjMDI5NjZmNjJhNDE4ZDkwOTIwZTA6DHJlZmVyZXIiJmh0dHBzOi8vdHVyZnZveWFuY2UuYmxvZ3Nwb3QuY29tLw%3D%3D--f98df8cdf24e1f9f02101a68b817e89425b1edf1; path=/; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmeuMBrRtXpggdrr69ZwUG8x9e6nsQP6Rp2reT5gXRjbm21UxAxdXZWwMNDmbR6hxNGFbcuA50P4FheKI4TS1lS1TC8D%2Fj%2BBEneVuMeiwQJA%2BqKtMU1r73EyH8T7fwn6lxmlhsq5SalriA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699816185b275c7a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 81 KB
29 KB 29ms
7ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

27b7bdbb6b77f4238a0af53fa51168eec424660ac65eb166d3927335824e07ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29401
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 14:23:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="product-feedback-gathering"
expires: Tue, 05 Oct 2021 16:50:30 GMT

GET
H3

200

followers.g Show response
www.blogger.com/ Frame DF44
Redirect Chain

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMW...
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...

7 KB
2 KB

747ms
747ms

Document
text/html

172.217.18.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f105.1e100.net

Software

GSE /

Resource Hash

d14c6cdbae8d740f036d27e1f84053a9a4bddbc334622ea8a6653a8b5ead3877

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Oct 2021 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2353
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Oct 2021 16:39:29 GMT
location: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-R9ztxRBKblWLMMUjhftRmw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 475
server: GSE
set-cookie: __Host-GAPS=1:NyE0OZuIT0V8lXbB71KRPOfF4VQbbw:cc9YGTk4MZRjIUqJ;Path=/;Expires=Thu, 05-Oct-2023 16:39:29 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 3262 3 KB
1 KB 40ms
17ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 15:24:41 GMT
server: ESF
date: Tue, 05 Oct 2021 16:39:29 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 16:39:29 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 3262 95 KB
96 KB 29ms
6ms Script
text/javascript 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 10:52:27 GMT
x-content-type-options: nosniff
age: 107222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 04 Oct 2022 10:52:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3262 96 KB
38 KB 20ms
19ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c4ec6aced3300c86f3bf7458943413623f6e15cd6248b9d7b8f330acbd531801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38960
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 16:39:29 GMT

GET
H2 200 rss-fp-1612893811.png
cdn2.pronostic-facile.fr/images/icones/16x16/ Frame 82CD 739 B
1 KB 39ms
26ms Image
image/png 104.21.21.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.21.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
via: 1.1 41dc616ebfce47f0587493804969040a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14295975
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 739
cf-request-id: 0904f331430000f3eb79019000000001
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fRKsLnFeAnAXjlFPbA3xR8XiVnnpCB07ysc4Qgu0laSokJTqH9SC9ltf7BCp6HKAUy8y6gkMRMP7v1AcHP0CQIe9aWMuRaGN1xRoF6RJQAECPf4wdMRkqQ%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
cf-ray: 69981618d897dfe3-FRA
x-amz-cf-id: nCa4_mMx-5h_eyXpwamSoQ1jpj7HPePtBFFA6lt411TuAyn_mEo5Rg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 82CD 96 KB
39 KB 47ms
20ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8d0e6fb4ac75b265ca264af954503426f6b0bd367c2fed4fa0321ae282341cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38959
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 16:39:29 GMT

GET
DATA 200
OK truncated
/ Frame 82CD 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 3262 16 KB
17 KB 31ms
8ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zeitverschiebung.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 20:23:42 GMT
x-content-type-options: nosniff
age: 504947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16736
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 20:23:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 82CD 48 KB
20 KB 34ms
7ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2303
date: Tue, 05 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 05 Oct 2021 18:01:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3262 48 KB
19 KB 35ms
13ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2303
date: Tue, 05 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 05 Oct 2021 18:01:06 GMT

GET
H3 200 plusone.js Show response
apis.google.com/js/ Frame DF44 52 KB
20 KB 81ms
81ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nk2dXgPO18e0fuq6qO+l0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 16:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Nk2dXgPO18e0fuq6qO+l0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Tue, 05 Oct 2021 16:39:30 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame DF44 147 KB
50 KB 8ms
8ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 20:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51514
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 28 Sep 2022 20:09:06 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame DF44 36 KB
12 KB 8ms
8ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

2a64d18d6dbdf8ccc44fcc587c8524a0a4393a6a2a3832dcb247021c80ac54ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12011
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:20:52 GMT

GET
H3

200

AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
lh3.googleusercontent.com/a-/ Frame DF44
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

4 KB
4 KB

17ms
16ms

Image
image/jpeg

142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:53 GMT
x-content-type-options: nosniff
age: 9637
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4579
x-xss-protection: 0
server: fife
etag: "v3b69"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Sep 2021 23:21:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 16:39:30 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-TuyPA+r8MSVaNMWBFTUv/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-TuyPA+r8MSVaNMWBFTUv/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
lh3.googleusercontent.com/a-/ Frame DF44
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

4 KB
4 KB

17ms
16ms

Image
image/jpeg

142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:58:54 GMT
x-content-type-options: nosniff
age: 9636
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4218
x-xss-protection: 0
server: fife
etag: "vd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:45:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 16:39:30 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-seXWCswPvrR9Wk4f/nxeAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-seXWCswPvrR9Wk4f/nxeAQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
lh3.googleusercontent.com/a-/ Frame DF44
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

3 KB
3 KB

17ms
17ms

Image
image/jpeg

142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 15:50:37 GMT
x-content-type-options: nosniff
age: 2933
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3067
x-xss-protection: 0
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Sep 2021 04:57:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 16:39:30 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-Qg1VMlodevD3g4k3cD+qyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-Qg1VMlodevD3g4k3cD+qyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
lh3.googleusercontent.com/a-/ Frame DF44
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

5 KB
5 KB

19ms
18ms

Image
image/jpeg

142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 15:40:27 GMT
x-content-type-options: nosniff
age: 3543
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5530
x-xss-protection: 0
server: fife
etag: "v4ad"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Sep 2021 23:21:45 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Oct 2021 16:39:30 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-s0LhvGl/bOPKvZ7LxWC6cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-s0LhvGl/bOPKvZ7LxWC6cg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default-user=s45-c
lh3.googleusercontent.com/a/ Frame DF44 316 B
341 B 16ms
16ms Image
image/png 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/default-user=s45-c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:31:49 GMT
x-content-type-options: nosniff
age: 11261
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 09:31:48 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 02:07:43	Name: NID Value: 511=LS0AVA4iqEdjcoQAKoIp2ZVYjnetwMlv8Ag238POsuExg_nC5aNWifSr3oF_GnMQ-0w4ChRNbZf7Ye4wCihreG3FMJRxTglPGHiU9fCtR0yKdxQf_QYTHGHLZmCfo_xajd6sj2GR3yrj0OueRrR404XVTvWmvU-8J7m3WzwxnKc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
apis.google.com
cdn2.pronostic-facile.fr
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
resources.blogblog.com
turfvoyance.blogspot.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.hebdotop.com
www.maxannu.com
www.paypalobjects.com
www.pronostic-facile.fr
www.top-france.com
www.zeitverschiebung.net
104.111.228.123
104.21.21.222
142.250.181.225
142.250.185.163
142.250.186.170
142.250.186.174
142.250.186.35
142.250.186.42
142.250.186.65
142.250.74.141
142.250.74.206
172.217.16.129
172.217.16.136
172.217.18.105
178.254.1.54
178.33.10.30
213.246.57.128
216.58.212.132
51.254.50.144
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
27b7bdbb6b77f4238a0af53fa51168eec424660ac65eb166d3927335824e07ed
2a64d18d6dbdf8ccc44fcc587c8524a0a4393a6a2a3832dcb247021c80ac54ac
2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565
42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
6b18e2efd4383aa0074b478ff6c944a96c520a5e64e6176c100487d363ed3552
6f93a8fa319d2f248a5b9f574c0fa601763b24f4acca4bd936e390c532795109
745ee8325d0778336e2c48e1ad3ff31618ca9dd19114e82e21f3760638866a49
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d
86639faa42cfeb641a66087cc2d061917c8e266ed8fb979c94073acb0e7ace9c
8b3c05530c180765a519a01b26dd6fd03313795ffc946c5198dd1c15fa7de443
8d0e6fb4ac75b265ca264af954503426f6b0bd367c2fed4fa0321ae282341cdc
9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9
9889200c7ec80cac7bb7d798b73be56cd2c55fcc80a25203e285af3032351878
9acc58f2cfe9b4e3e89fdca2227f538513c7caa7e13f2cccba968898b1aa62e1
9db2a7a50b8cdcfe3192021aa62cbe226b000b2a20a97bb1ec55cc0f09063e2e
b924a89c3df9d7892c99e150bba066edccbdecef4f8bf74b476ffaa2bdbe8851
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
c40737ab0f7b9851d02b03379e9d6af0fba4e5eb019b4b46f41bf082f30e4f4c
c4ec6aced3300c86f3bf7458943413623f6e15cd6248b9d7b8f330acbd531801
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
d14c6cdbae8d740f036d27e1f84053a9a4bddbc334622ea8a6653a8b5ead3877
d365063fef243178c3ea167b64837bc5e23aa5b5a6d1f1b21fbf9e9ce57de54b
d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8
ddd47a698d39264398af9849fc6f06bac4981120eb38e8ec4ea5575127f929c4
e42337df62f1403bd434f1a1b7118653a05fc9471d2a002757b711cb0f5a580e
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1
f93d9810e02e9d19e743bfc568bdb31753d9a8c80fb57b3ff50528769b6fc6d3
fa57613eb7d2d2cb527d5d4e8b2a8df15a1d531a0b1e107fdd091c0ccb315f43
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

turfvoyance.blogspot.com Open in urlscan Pro 172.217.16.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

0 %IPv6

15 Domains

25 Subdomains

18 IPs

4 Countries

855 kBTransfer

1588 kBSize

1 Cookies

28 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turfvoyance.blogspot.com Open in urlscan Pro
172.217.16.129 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

855 kB
Transfer

1588 kB
Size

1
Cookies

52 HTTP transactions
1 data transactions