original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:400d:80c::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://original-pmu.blogspot.com/?m=0
Submission: On February 18 via manual (February 18th 2023, 8:20:09 pm UTC) from SN — Scanned from DE

Summary HTTP 87 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 25 domains to perform 87 HTTP transactions. The main IP is 2a00:1450:400d:80c::2001, located in Ireland and belongs to GOOGLE, US. The main domain is original-pmu.blogspot.com.

This is the only time original-pmu.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:80d::2009	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
7	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
6 12	34.102.200.23 34.102.200.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	54.36.176.112 54.36.176.112	16276 (OVH) (OVH)
17 25	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	91.121.164.142 91.121.164.142	16276 (OVH) (OVH)
1	195.210.43.78 195.210.43.78	39506 (MFX-AS) (MFX-AS)
3	212.83.183.115 212.83.183.115	12876 (Online SAS) (Online SAS)
2 3	5.196.53.228 5.196.53.228	16276 (OVH) (OVH)
1	188.165.42.17 188.165.42.17	16276 (OVH) (OVH)
1	212.27.63.105 212.27.63.105	12322 (PROXAD) (PROXAD)
1 1	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
87	27

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

original-pmu.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80d::2009 (Ireland)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.102.200.23 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.200.102.34.bc.googleusercontent.com

www.geny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.36.176.112 (France)

ASN16276 (OVH, FR)
PTR: ns3092782.ip-54-36-176.eu

geoloc5.geovisite.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3038::6815:ea1a (United States) 17 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.164.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns360576.ip-91-121-164.eu

nsm08.casimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.210.43.78 (France)

ASN39506 (MFX-AS, FR)
PTR: server4.createur-internet.com

www.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.83.183.115 (La Garenne-Colombes, France)

ASN12876 (Online SAS, FR)
PTR: www.allosponsor.com

www.allosponsor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.196.53.228 (Criquebeuf-la-Campagne, France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip228.ip-5-196-53.eu

www.uhit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uhit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.42.17 (Saint-Maur-des-Fossés, France)

ASN16276 (OVH, FR)
PTR: mpool.netoo.net

blogs.netoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.105 (Rouen, France)

ASN12322 (PROXAD, FR)
PTR: perso105-g5.free.fr

www.rapidoweb.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c8d8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::6815:15de (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

www.1clic1don.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	root-top.com 17 redirects img.root-top.com www.root-top.com	59 KB
12	geny.com 6 redirects www.geny.com — Cisco Umbrella Rank: 450773	13 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	254 KB
7	geovisite.ovh geoloc5.geovisite.ovh	386 KB
6	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 17385	2 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 108 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	147 KB
6	blogspot.com original-pmu.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10294	232 KB
5	pronostic-facile.fr 1 redirects www.pronostic-facile.fr cdn3.pronostic-facile.fr	9 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 9076	67 KB
4	1clic1don.fr www.1clic1don.fr — Cisco Umbrella Rank: 487332	26 KB
4	allopass.com payment.allopass.com	11 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
3	uhit.eu 2 redirects www.uhit.eu uhit.eu	527 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	88 KB
2	googleusercontent.com 1 redirects themes.googleusercontent.com — Cisco Umbrella Rank: 11734	1 MB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
2	hebdotop.com www.hebdotop.com	2 KB
2	casimages.com 1 redirects nsm08.casimages.com	10 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 929	6 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9006	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	600 B
1	gstatic.com fonts.gstatic.com	18 KB
1	free.fr www.rapidoweb.free.fr	2 KB
1	netoo.com blogs.netoo.com	2 KB
1	allosponsor.com www.allosponsor.com	14 KB
87	25

	Domain	Requested by
25	img.root-top.com	17 redirects original-pmu.blogspot.com
12	www.geny.com	6 redirects original-pmu.blogspot.com
8	pagead2.googlesyndication.com	original-pmu.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	geoloc5.geovisite.ovh	original-pmu.blogspot.com geoloc5.geovisite.ovh
6	resources.blogblog.com	original-pmu.blogspot.com www.blogger.com
5	www.blogger.com	original-pmu.blogspot.com apis.google.com
4	www.1clic1don.fr	www.hebdotop.com original-pmu.blogspot.com www.1clic1don.fr
4	www.pronostic-facile.fr	1 redirects original-pmu.blogspot.com www.pronostic-facile.fr static.cloudflareinsights.com
4	1.bp.blogspot.com	original-pmu.blogspot.com
4	payment.allopass.com	original-pmu.blogspot.com payment.allopass.com
4	apis.google.com	original-pmu.blogspot.com apis.google.com www.blogger.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr
2	themes.googleusercontent.com	1 redirects original-pmu.blogspot.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.hebdotop.com	original-pmu.blogspot.com
2	www.uhit.eu	2 redirects
2	nsm08.casimages.com	1 redirects original-pmu.blogspot.com
2	original-pmu.blogspot.com	original-pmu.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	static.cloudflareinsights.com	www.pronostic-facile.fr
1	cdn3.pronostic-facile.fr	www.pronostic-facile.fr
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	original-pmu.blogspot.com
1	www.rapidoweb.free.fr	original-pmu.blogspot.com
1	blogs.netoo.com	original-pmu.blogspot.com
1	uhit.eu	original-pmu.blogspot.com
1	www.allosponsor.com	original-pmu.blogspot.com
1	www.root-top.com	original-pmu.blogspot.com
87	32

This site contains links to these domains. Also see Links.

Domain
payment.allopass.com
paris-promise.blogspot.com
calcula-prono.blogspot.com
pros-afrique.blogspot.com
cash-back1.blogspot.com
cash-du-jours.blogspot.com
recordturf1.blogspot.com
cash-univers.blogspot.com
pari-brillant.blogspot.com
turfistes1.blogspot.com
tierces-tuyau.blogspot.com
course-uniques.blogspot.com
grand-gagant.blogspot.com
derby-tierces.blogspot.com
course-en-euro.blogspot.com
gains-cash1.blogspot.com
bezz-dupmu.blogspot.com
www.root-top.com
www.allosponsor.com
www.uhit.eu
blogs.netoo.com
www.rapidoweb.free.fr
www.hebdotop.com
www.mondeturf.net
referencementsitegratuit.page-internet.net
www.istockphoto.com
www.blogger.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
geoloc5.idealpes.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://original-pmu.blogspot.com/?m=0
Frame ID: E031CB47F04FA108A7F4D1AE8C4C3CD6
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: 5099F9B1BB7BF74561E983A0DB03FEE9
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: DBD1D96546B3B5EA00A9B092B1B66FD0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4442622547489634&output=html&adk=1812271804&adf=3025194257&lmt=1676730141&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1676751603308&bpp=23&bdt=225&idt=296&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6374759235035&frm=20&pv=2&ga_vid=1072163166.1676751604&ga_sid=1676751604&ga_hid=1191112534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C44774606%2C31071662%2C31071976&oid=2&pvsid=3769660704535193&tmod=805867633&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: EC538C251F9CE4C9A6C1140726221241
Requests: 1 HTTP requests in this frame

Frame: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Frame ID: 3CCEE648FFAF8547F73FF15CB376113F
Requests: 6 HTTP requests in this frame

Frame: https://www.1clic1don.fr/taght.php
Frame ID: DD190906BB6B2A45EA9C337FB630D198
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Frame ID: C29809DDEE82CF0C0CB075BF1BC38A5B
Requests: 7 HTTP requests in this frame

Frame: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676750400
Frame ID: AC42E5A49F57CA7DDFAC63702BF3BA5F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 092B685653F1105D32ABBBBEBE9448F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47FE803F895F96854FC6A6A4B56572C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ORIGINAL-PMU

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

87
Requests

66 %
HTTPS

67 %
IPv6

25
Domains

32
Subdomains

27
IPs

4
Countries

2562 kB
Transfer

3880 kB
Size

8
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://payment.allopass.com/buy/buy.apu?ids=357205&idd=1558204&carousel=row

Search URL Search Domain Scan URL

URL: http://paris-promise.blogspot.com/
Title: PARIS-PROMISE

Search URL Search Domain Scan URL

URL: http://calcula-prono.blogspot.com/

Search URL Search Domain Scan URL

URL: http://pros-afrique.blogspot.com/
Title: PROS-AFRIQUE

Search URL Search Domain Scan URL

URL: http://cash-back1.blogspot.com/
Title: CASH-BACK1

Search URL Search Domain Scan URL

URL: http://cash-du-jours.blogspot.com/
Title: CASH-DU-JOURS

Search URL Search Domain Scan URL

URL: http://recordturf1.blogspot.com/
Title: RECORDTURF1

Search URL Search Domain Scan URL

URL: http://cash-univers.blogspot.com/
Title: CASH-UNIVERS

Search URL Search Domain Scan URL

URL: http://pari-brillant.blogspot.com/
Title: PARI-BRILLANT

Search URL Search Domain Scan URL

URL: http://turfistes1.blogspot.com/
Title: TURFISTES1

Search URL Search Domain Scan URL

URL: http://tierces-tuyau.blogspot.com/
Title: TIERCES-TUYAU

Search URL Search Domain Scan URL

URL: http://course-uniques.blogspot.com/
Title: COURSE-UNIQUES

Search URL Search Domain Scan URL

URL: http://grand-gagant.blogspot.com/
Title: GRAND-GAGANT

Search URL Search Domain Scan URL

URL: http://derby-tierces.blogspot.com/
Title: DERBY-TIERCES

Search URL Search Domain Scan URL

URL: http://course-en-euro.blogspot.com/
Title: COURSE-EN-EURO

Search URL Search Domain Scan URL

URL: http://gains-cash1.blogspot.com/
Title: GAINS-CASH1

Search URL Search Domain Scan URL

URL: http://bezz-dupmu.blogspot.com/
Title: BEZZ-DUPMU

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/originalpmu1/in.php?ID=7

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfistes/in.php?ID=1644

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/bettop/in.php?ID=188

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/gagnantplus/in.php?ID=56

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/freeturf/in.php?ID=2

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmu365/in.php?ID=12

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=979
Title: .

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=554

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1033

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/dada/in.php?ID=87

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/classement_general/in.php?ID=1981

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baseprono/in.php?ID=256

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfaunet/in.php?ID=506

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/filibert42/in.php?ID=5

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=839

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toptierce/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.allosponsor.com/accueil.php?ref=51293

Search URL Search Domain Scan URL

URL: http://www.uhit.eu/

Search URL Search Domain Scan URL

URL: http://blogs.netoo.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=1795

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/forumturf/in.php?ID=28

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lamaisonmere/in.php?ID=131

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfgagnant/in.php?ID=334

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/zeturf24/in.php?ID=51

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/chevaldorinfoturf/in.php?ID=167

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toppronosticgratuit/in.php?ID=118

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/james15/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=102

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baronturf/in.php?ID=82

Search URL Search Domain Scan URL

URL: http://www.mondeturf.net/vote.php?id=5232
Title: Mondeturf.net

Search URL Search Domain Scan URL

URL: http://referencementsitegratuit.page-internet.net/
Title: Referencement gratuit

Search URL Search Domain Scan URL

URL: http://www.istockphoto.com/file_closeup.php?id=8126402&platform=blogger
Title: jangeltun

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.geny.com/web/images/pictos/paris/2sur4_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

Request Chain 7

http://www.geny.com/web/images/pictos/paris/multi_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/multi_01.gif

Request Chain 8

http://www.geny.com/web/images/pictos/paris/tierce_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/tierce_01.gif

Request Chain 9

http://www.geny.com/web/images/pictos/paris/quarte_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/quarte_01.gif

Request Chain 10

http://www.geny.com/web/images/pictos/paris/quinte_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/quinte_01.gif

Request Chain 11

http://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

Request Chain 13

http://img.root-top.com/topsite/originalpmu1/banner.gif HTTP 301
https://img.root-top.com/topsite/originalpmu1/banner.gif

Request Chain 14

http://img.root-top.com/topsite/turfistes/banner.gif HTTP 301
https://img.root-top.com/topsite/turfistes/banner.gif

Request Chain 15

http://img.root-top.com/topsite/bettop/banner.gif HTTP 301
https://img.root-top.com/topsite/bettop/banner.gif HTTP 302
http://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif HTTP 301
https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

Request Chain 16

http://img.root-top.com/topsite/gagnantplus/banner.gif HTTP 301
https://img.root-top.com/topsite/gagnantplus/banner.gif

Request Chain 17

http://img.root-top.com/topsite/freeturf/banner.gif HTTP 301
https://img.root-top.com/topsite/freeturf/banner.gif

Request Chain 18

http://img.root-top.com/topsite/pmu365/banner.gif HTTP 301
https://img.root-top.com/topsite/pmu365/banner.gif

Request Chain 19

http://img.root-top.com/topsite/turfoscope/banner.gif HTTP 301
https://img.root-top.com/topsite/turfoscope/banner.gif HTTP 302
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Request Chain 20

http://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 301
https://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 302
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Request Chain 21

http://img.root-top.com/topsite/dada/banner.gif HTTP 301
https://img.root-top.com/topsite/dada/banner.gif

Request Chain 22

http://img.root-top.com/topsite/classement_general/banner.gif HTTP 301
https://img.root-top.com/topsite/classement_general/banner.gif HTTP 302
http://www.root-top.com/images/bouton_RT1.gif

Request Chain 23

http://img.root-top.com/topsite/baseprono/banner.gif HTTP 301
https://img.root-top.com/topsite/baseprono/banner.gif HTTP 302
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Request Chain 24

http://img.root-top.com/topsite/turfaunet/banner.gif HTTP 301
https://img.root-top.com/topsite/turfaunet/banner.gif

Request Chain 27

http://www.uhit.eu/button1.php?u=titro-turf HTTP 301
https://www.uhit.eu/ HTTP 301
https://uhit.eu/

Request Chain 32

http://www.pronostic-facile.fr/widget/originalpmu/script/feed HTTP 301
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

Request Chain 37

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
original-pmu.blogspot.com/ 76 KB
14 KB 464ms
337ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf13ceb574c904b930e10cc89f720660497b034cb180cf8c6f1c8868ba6db6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 13532
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Feb 2023 20:20:02 GMT
ETag: W/"d729f0fe8937725d965e98a13ab4064cd546c96167f67a59cdd43b8343aab378"
Expires: Sat, 18 Feb 2023 20:20:02 GMT
Last-Modified: Sat, 18 Feb 2023 14:22:21 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 203ms
48ms Stylesheet
text/css 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7776
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 21:16:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Feb 2024 00:49:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 136ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045016cd808cbfebba02118beca72b23cf8b719b820ea221ca477b25e9c7d730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Origin: http://original-pmu.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49367
x-xss-protection: 0
server: cafe
etag: 7620496969015795738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 166ms
164ms Stylesheet
text/css 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=3ad56aaf-1154-495d-916e-376335610121

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 20:20:03 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 252ms
123ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 20:20:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d180a2ced31e8f24"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 745ms
295ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 21b49318fd4b1f5d1bdb2e53293c578dce16464189cb2188d4cac11f62e1598f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 20:20:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 whatsapp-png-image-9.png
1.bp.blogspot.com/-nXl-XCtWwfs/XDNpc71ao8I/AAAAAAAAAqc/4ySHv7VaA2w67u3rS7moYnCfFCiVNptkQCLcBGAs/s1600/ 8 KB
9 KB 294ms
76ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nXl-XCtWwfs/XDNpc71ao8I/AAAAAAAAAqc/4ySHv7VaA2w67u3rS7moYnCfFCiVNptkQCLcBGAs/s1600/whatsapp-png-image-9.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69c358d01d2ca3161faa7ce60bcba0d144f8f62db451d7297e8b5f8f2ef91e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="whatsapp-png-image-9.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8533
x-xss-protection: 0
server: fife
etag: "v2aa"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Feb 2023 07:13:36 GMT

GET
H2

200

2sur4_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/2sur4_01.gif
https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

1 KB
1 KB

57ms
25ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

3b9ed92648425393a41f6eaec5d1c1d992c91029ad1704da4cc6a3fe5d98cf99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/2sur4_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

multi_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/multi_01.gif
https://www.geny.com/web/images/pictos/paris/multi_01.gif

1 KB
1 KB

57ms
26ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/multi_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

0f1917620a3a33ca16e84bb58ea89ee48dad221de013bfa383ab245c641f81f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1206
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/multi_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

tierce_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/tierce_01.gif
https://www.geny.com/web/images/pictos/paris/tierce_01.gif

1 KB
1 KB

56ms
27ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/tierce_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

b54af5a0949a40cde9b1cddc22374a0f13430856bdd24a874daa42e78b71aff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1217
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/tierce_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

quarte_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/quarte_01.gif
https://www.geny.com/web/images/pictos/paris/quarte_01.gif

1 KB
1 KB

54ms
26ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/quarte_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

428921331c37e4949f9a73bea7e09750840b551e786090f36d211de7b21329e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1292
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/quarte_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

quinte_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/quinte_01.gif
https://www.geny.com/web/images/pictos/paris/quinte_01.gif

1 KB
1 KB

55ms
24ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/quinte_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

99cc06e9ff11236fc96dfbc21c6009253a0ac0a28c5dfb08af429d71c8e7edc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1304
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/quinte_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

sct2tqqm_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif
https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

4 KB
4 KB

55ms
24ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 14:33:14 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4002
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/sct2tqqm_01.gif
Date: Sat, 18 Feb 2023 20:20:03 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK geocounter.js Show response
geoloc5.geovisite.ovh/private/ 11 KB
12 KB 172ms
23ms Script
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: b3147b983dfa9a6d639132d62169670bef95fe79d0b1fe28672d637420f86dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 20:20:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: text/html; charset=UTF-8
Connection: close
Expires: Tue, 9 May 2000 11:11:11 GMT

GET
H2

200

banner.gif
img.root-top.com/topsite/originalpmu1/
Redirect Chain

http://img.root-top.com/topsite/originalpmu1/banner.gif
https://img.root-top.com/topsite/originalpmu1/banner.gif

4 KB
4 KB

21ms
21ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/originalpmu1/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806840fbe32370e4ea83aada8dc11b827f44dda07e300c10655e7c95e7207506

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 17:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8655
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVkrFyItXdk%2BV8Wu5pONtyQFr1s5LgGKAo0GbIqpWSIextrJJww%2B83ms1Nre4zulkJZN780NLqZgWMduVCfeDawrMuMJfOLdUx%2FdmW%2BotcUcVMdLpz58coyPyFVYmw%2B%2FpJObDj0N49S1C5j75yd1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b97612bade9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3757
expires: Tue, 21 Feb 2023 17:55:48 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeS5p%2FqwoApjCRXopjlSfDoZW0dchAQ9DuM8OuHxlz26uMZVCt4pqVjE%2F65a%2F%2Bgl9NWY5Q%2FvGYxvIGZVmtCKdRtz2K%2BeDRPWBwT9RjeMSmTk%2FcqNyDlam28%2FgyZ1RpoUNqi2dobjzWoSATIAzT8G"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/originalpmu1/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b9761229b0bbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/turfistes/
Redirect Chain

http://img.root-top.com/topsite/turfistes/banner.gif
https://img.root-top.com/topsite/turfistes/banner.gif

10 KB
10 KB

37ms
19ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfistes/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b95bb1ac561c7e1da96ab7192305a5030bf2da5810164a86c6016e79452d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 14:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv%2BIWNyuNoXbsWl%2Bccv1moHMC%2Fl5T%2BV5QNOHP3LKEDS8ssSnm51lCs7xvGOg%2Ftk9TdS9MdJuHaaefRxMCFng4rNQaSKTQtO5Jg6S4MzQUQTQmfqpN9VZZ9cSgNqwPOY0kw0rjaQK2V%2Bj4qGn2npc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b976125a6e9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9830
expires: Tue, 21 Feb 2023 14:30:14 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 787
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuWysGfBMVWsWZiAFOGflcdj24x8caQO3G0BQ6wv8sdwE%2FCnpi%2B78nOEcsVx9SETwASO7qysDOEWfZcd4bB1deX%2BQ0c97WyIGSSCLOsk6bhWPAhlpXkS2z1V3mw3fA6%2FseQFVnZKsXwRFlXbWIrB"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfistes/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b976122e516987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1

200
OK

15111904060917821013763213.gif
nsm08.casimages.com/img/2015/11/19//
Redirect Chain

http://img.root-top.com/topsite/bettop/banner.gif
https://img.root-top.com/topsite/bettop/banner.gif
http://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif
https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

9 KB
10 KB

75ms
17ms

Image
image/gif

91.121.164.142
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

91.121.164.142 , France, ASN16276 (OVH, FR),

Reverse DNS

ns360576.ip-91-121-164.eu

Software

Apache /

Resource Hash

45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:37:56 GMT
Strict-Transport-Security: max-age=31556926
Last-Modified: Sat, 17 Feb 2018 19:33:17 GMT
Server: Apache
ETag: "91aa084-251b-5656d885fd53f"
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.casimages.com
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9499
Expires: Sun, 18 Feb 2024 20:37:56 GMT

Redirect headers

Location: https://nsm08.casimages.com/img/2015/11/19//15111904060917821013763213.gif
Date: Sat, 18 Feb 2023 20:37:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 282
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

banner.gif
img.root-top.com/topsite/gagnantplus/
Redirect Chain

http://img.root-top.com/topsite/gagnantplus/banner.gif
https://img.root-top.com/topsite/gagnantplus/banner.gif

3 KB
4 KB

26ms
24ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/gagnantplus/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3054d07bc05373f5006dd8650d1d22c5066205afcfae576b40eac84ea4b7984

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 17:31:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10091
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDmuSLvbahNTHGhkuZ7WQwO7802kS6svg4zH%2B1%2FgSEiPDLhFAtHEDFwcDehku%2BQonu5XUMf%2FRuGv2w3Mb9xjjXRBUsB6QUnZ9V%2BXqxDgs0TDZK5GVYj5st6kAbKkjq4YpI82zILlETWNkJZJRQD%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b976125a6f9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3560
expires: Tue, 21 Feb 2023 17:31:52 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 747
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuIdcD5W3LOJtJczVk3Qa7M2Tya0sUQMhX0Ja23H4po02q7par%2FHw0JZdz8UmXDy5Yv8C4F00Bv25kj86E2%2F3aOrFPh4%2FxmOUfgbqLANllrE0q%2FBBsw%2B1YsO8JOpKjjylXWqwr9m%2FZUiIFiRjDU9"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/gagnantplus/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b97612292d68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/freeturf/
Redirect Chain

http://img.root-top.com/topsite/freeturf/banner.gif
https://img.root-top.com/topsite/freeturf/banner.gif

3 KB
3 KB

20ms
19ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/freeturf/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d33df85d8282f5b740fb81434d53934556ba18115d5cd8a62b47d63a3b74ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 17:58:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8494
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgD%2B5DFUkjpKDHrNJSkfD38tqlpZVPoK3nxrRZB7Rq42lmOWL%2FuTfbzA6%2F59VK4PK4mph0QoVBwnCIVaCTYtm91Bz6cY5r%2B4zLEv1HzOLMVUlRtgCEaxBAphpc3pPoMKVKizmam9bTtLgZpTsPHb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b97612badf9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2931
expires: Tue, 21 Feb 2023 17:58:29 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BdZTFDpoEBlb5rWwu6d3tMDJS6S5za%2Bwvpp1668nvB02qZEoyYD6rCmXcez5N1ibPPs6lCrfU1gUvsIfTGtT652xS3SoPvolo0Dlv8vXe1%2BaLWO1rp%2FdYnQboZXwjjngO%2BHshzrzNgYvbeNL2ZA"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/freeturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b976123ade91f9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/pmu365/
Redirect Chain

http://img.root-top.com/topsite/pmu365/banner.gif
https://img.root-top.com/topsite/pmu365/banner.gif

3 KB
4 KB

20ms
20ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/pmu365/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98be1cae955be1c6b5bb126cc54d3c4831569f9ae7aab1dd5c41c9c84f99fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 15:11:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 104897
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGmFxwVtjGP%2BGn5c%2BngZWoRVcgc7LdU8Yzaqg1fbjVAOY%2BPTtbDm45HRhdwwCtmOY1qJFJrNyG%2B9bkkyEhre0ICLRWpt8dN8f15ToBmLzDx1dfZtMPK0r5mQMQg4PJMZbzvMsLXnRusQwgshWGOE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b97612bae19b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3296
expires: Mon, 20 Feb 2023 15:11:46 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01EgIhdnxkduBgTZ1LarTOWmWoV%2FzQTXkIMb%2FIU2V9Grqlv5UpUzUhh42vvqr3RVgdqsSc93yY1DiDyE22Pc1%2FE1uA0tqMssFvBlTOXl0SZTML17T%2F8DZGMEDKqlKjtISndNpLTBXD4bxgc2R3g0"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/pmu365/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b9761238383826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

turfoscope.gif
1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/turfoscope/banner.gif
https://img.root-top.com/topsite/turfoscope/banner.gif
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

86 KB
86 KB

99ms
99ms

Image
image/gif

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 19:23:49 GMT
x-content-type-options: nosniff
age: 3374
content-disposition: inline;filename="turfoscope.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87766
x-xss-protection: 0
server: fife
etag: "v20cf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Feb 2023 07:38:05 GMT

Redirect headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lOQErzXo23%2FhorEZm33Qkdtk2LCSTIk2hVJhnHPXn0R0iyi3JpurT8um6vpzcvdT6505pqYQ3KaxarwWahRNgu9r6Xs4S9mjU9sEzLA0zWCoN8FaUntkkSVe%2FsHJhhNetr%2Btlije2GSPWStE5uX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif
cf-ray: 79b97612ee1d39eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jmpep80top.gif
1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/jmpep80top/banner.gif
https://img.root-top.com/topsite/jmpep80top/banner.gif
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

45 KB
45 KB

48ms
48ms

Image
image/gif

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 19:23:49 GMT
x-content-type-options: nosniff
age: 3374
content-disposition: inline;filename="jmpep80top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46098
x-xss-protection: 0
server: fife
etag: "v20cb"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Feb 2023 08:53:22 GMT

Redirect headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XltGaKpl5HC69qDkOUkusFdM68dmgeOHyUd%2BajC5lOyyccOSlg5VcfE9tcZrIdAgekFyfn3JNVMVmKvphod3fTZSAKsuLPaFkJk%2FEhYByxli5EpnS1vBfgBnWU31YpX5vF5V27TQChe%2B6TcWh19M"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif
cf-ray: 79b97612ee1e39eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

banner.gif
img.root-top.com/topsite/dada/
Redirect Chain

http://img.root-top.com/topsite/dada/banner.gif
https://img.root-top.com/topsite/dada/banner.gif

8 KB
8 KB

89ms
89ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/dada/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a527cfabf94d3ace7d53a4a73a0276c7ebee45ef23dfeeb249d1cd240133398

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 15 Feb 2023 14:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6tn0FR48OBy8w%2FioV2U3ZKBlEHW5lI%2FsLE5wKSZqiinzonkdeVRRvgHl3wbb7H8utsB%2FQn6Kb4FeRovak7DPdjZ3OvRbkmuip6W9SdU2nAvlPaduPTNMDDdC%2BPV5byN8p5vqhLTCLwdK7IPAQil"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b976134eb539eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7909
expires: Tue, 21 Feb 2023 20:20:03 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSlyVC99%2B5chcZfuvJV5yXE2EOOQvXDWjsV7T06QieYNetfgshVhectZKzeNl%2FOcWSwvQoSb17r%2FQGkLXSoBuCPHqX09ANexqzBeCWaPx%2FmB%2BGZXkyarNG62R1S7fu8XU7ZVP1LvfJ5x9UA7wmC%2B"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/dada/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b97612d9133826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1

200
OK

bouton_RT1.gif
www.root-top.com/images/
Redirect Chain

http://img.root-top.com/topsite/classement_general/banner.gif
https://img.root-top.com/topsite/classement_general/banner.gif
http://www.root-top.com/images/bouton_RT1.gif

3 KB
3 KB

83ms
27ms

Image
image/gif

195.210.43.78
MFX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.root-top.com/images/bouton_RT1.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

195.210.43.78 , France, ASN39506 (MFX-AS, FR),

Reverse DNS

server4.createur-internet.com

Software

Apache /

Resource Hash

235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2009 17:33:45 GMT
Server: Apache
ETag: "cba-4795db1939040-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2433
Expires: Mon, 20 Mar 2023 20:20:03 GMT

Redirect headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpRmlJHDqH3%2FXk8OeBeBA63j1yrf9XfhQCM8rVXRzqCesfJZVzEbqFFyhk6CO0Zf3RzjE1gCJAlUzh5kGi0xqdH8nBAyP8bkyG4YYycaN%2F3khkGoGpGDvZPS2xSgrAEVKX6yoOaui3R0pqLDxm1w"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.root-top.com/images/bouton_RT1.gif
cf-ray: 79b976134ec139eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

baseprono.gif
1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/baseprono/banner.gif
https://img.root-top.com/topsite/baseprono/banner.gif
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

76 KB
76 KB

114ms
113ms

Image
image/gif

2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 19:23:49 GMT
x-content-type-options: nosniff
age: 3374
content-disposition: inline;filename="baseprono.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77950
x-xss-protection: 0
server: fife
etag: "v20bc"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Feb 2023 02:54:44 GMT

Redirect headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sx33B3ckbtys%2B4uzOt36skTBFrbxpd9E4k%2FNj1wszIXxVpxIu6akl6HheCYxDbLtc9cROv4ugSiOoZQSpz7J1HuPY%2FT8WGJ1jzPzGw1kbiC6DwtR4nb8YzCgG4wo4pUMv8CoIYAPKGg%2BTxRSg7rp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif
cf-ray: 79b976133ea139eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

banner.gif
img.root-top.com/topsite/turfaunet/
Redirect Chain

http://img.root-top.com/topsite/turfaunet/banner.gif
https://img.root-top.com/topsite/turfaunet/banner.gif

9 KB
10 KB

14ms
13ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfaunet/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba34a018e01c7a7d8accdc0f634cb78dd96f7035d90f9d7ce348738844146411

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 14:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19969
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yxugjlcOTVveocqJohmJvwwflv%2BiabgZSoYr%2FBeKz0oZBcjlCUvPMOk9vRrwV21KIru0Zyxm0USv3maDSW1droVC9nc3SF46EsaKITCseWe7O6kcZl6bYSQbrafzXF8HbDazF5v%2BrBges2dZOlK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b97613ffb239eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9220
expires: Tue, 21 Feb 2023 14:47:14 GMT

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 747
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ6%2BOed2u14eies%2FwTKPfF4sHcQHlvKxJIZ08583YPLqSXlLzoHjv2uDOBKvM1VmaRWbPAGlNBuI%2F01GTGuytXtH6oPn38ZfyXxTWNRJXVjfUuUcb960gBEwIwZVKbFASD3b6XOKKtUOCH20UkSe"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfaunet/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79b97613dc7d91f9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 banner.gif
img.root-top.com/topsite/filibert42/ 3 KB
3 KB 137ms
97ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/filibert42/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1ee509060215881fd23894aa529300d6ee23322a68c2bd76f092c763e8c8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 20:20:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSDyDPBg4L6ltZcV%2BVx0ihpkPt6TRbeUKpYLHbsFJ0CwZLoZxRHKboFoVK%2BqsaxE1B9iZXzX2E%2B0iIA%2FLSxQEjsZqvvXjZKsVlL6fwZWzbOxCpGOz9rRjR3nYlJCENbSIfqbNXNIAoGW8lh1h1Q3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 79b976125a6c9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2931
expires: Tue, 21 Feb 2023 20:20:03 GMT

GET
H/1.0 200
OK allosponsor_88x31.gif
www.allosponsor.com/image/ 13 KB
14 KB 333ms
20ms Image
image/gif 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.allosponsor.com/image/allosponsor_88x31.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.0
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 1af0b2990efdc47bdd80975ec2535fa0b19df2e5de2249899b948bc856fc8c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:18:26 GMT
X-Pad: avoid browser bug
Via: 1.1 212-83-183-115.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-183-115.rev.poneytelecom.eu:80
Last-Modified: Mon, 19 Jul 2010 11:29:10 GMT
Server: Apache/2.2.22 (Debian)
ETag: "38034e-34b9-48bbbe0974d80"
X-Cache: MISS from 212-83-183-115.rev.poneytelecom.eu
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13497

GET
H2

200

/
uhit.eu/
Redirect Chain

http://www.uhit.eu/button1.php?u=titro-turf
https://www.uhit.eu/
https://uhit.eu/

0
0

393ms
171ms

Image
text/html

5.196.53.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhit.eu/
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 5.196.53.228 Criquebeuf-la-Campagne, France, ASN16276 (OVH, FR),
Reverse DNS: ip228.ip-5-196-53.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Sat, 18 Feb 2023 20:20:03 GMT
server: Apache
x-redirect-by: WordPress
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://uhit.eu/
cache-control: max-age=0
content-length: 0
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H/1.1 200
OK 88x31blogs.gif
blogs.netoo.com/pub/ 2 KB
2 KB 887ms
16ms Image
image/gif 188.165.42.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://blogs.netoo.com/pub/88x31blogs.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Server: 188.165.42.17 Saint-Maur-des-Fossés, France, ASN16276 (OVH, FR),
Reverse DNS: mpool.netoo.net
Software: Apache /
Resource Hash: 1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:04 GMT
Last-Modified: Sat, 19 Aug 2006 17:03:45 GMT
Server: Apache
ETag: "795-41b61dc153e40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1941

GET
H/1.1 200
OK topliens.gif
www.rapidoweb.free.fr/images/ 2 KB
2 KB 185ms
15ms Image
image/gif 212.27.63.105
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rapidoweb.free.fr/images/topliens.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Server: 212.27.63.105 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: perso105-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:02 GMT
Last-Modified: Fri, 21 Mar 2003 16:40:46 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "2b8d6b-831-3e7b408e"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2097

GET
H/1.0 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 1 KB
1 KB 183ms
23ms Script
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.0
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: e81dd64492df82aa57c8f76be1c6db52f864eec1cbcc9d008016adc405bafee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:18:26 GMT
Content-Encoding: gzip
Via: 1.1 212-83-183-115.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-183-115.rev.poneytelecom.eu:80
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
X-Cache: MISS from 212-83-183-115.rev.poneytelecom.eu
Content-Type: text/html
Connection: close

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 211ms
132ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e26c4d3c9563fa13dd2c64c5c4f8cb7bb75dac5e9df959cc6f6e0bc0e5cb2c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49346
x-xss-protection: 0
server: cafe
etag: 18361996845688373870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H2

200

feed Show response
www.pronostic-facile.fr/widget/originalpmu/script/
Redirect Chain

http://www.pronostic-facile.fr/widget/originalpmu/script/feed
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

245 B
836 B

64ms
45ms

Script
text/html

2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-runtime: 1
date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLxBHkPssBf1WZORihKdj6MMb5ZZlOM%2B2QZUkVtnEo7lspYq6CYD5%2FFMC49lHwlo8RQ%2Fuq7P8461F4EO0Zf3z0tYQlyeMj8sMDoOffMy3bt5YbA0d8fpae5TpgPpsYMEhUpRrm0F40E2H0JbCZmNm%2BzaR%2ByUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 79b976115d3c9136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK4ViDBtJD9N2zBmNe%2FZEHFkAm3BUe0QkHmyCM9%2BTSE567gXH4bXEJdBUasntvgQwirAfuoCuiPG6rYWV1BjaL3H5GyiNbBMhNjSRj8SC%2FYvgoC1ucLydG5iR8q1kRjJXa5Cc0T4dBvoQ81S3HIfPj9q5tliQA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Connection: keep-alive
Server-Timing: cf-q-config;dur=6.0000020312145e-06
CF-RAY: 79b97610fa5a91de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK cookienotice.js Show response
original-pmu.blogspot.com/js/ 6 KB
3 KB 81ms
80ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/js/cookienotice.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/?m=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 18 Feb 2023 18:50:21 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sat, 25 Feb 2023 20:20:03 GMT

GET
H2 200 1518138593-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
55 KB 59ms
52ms Script
text/javascript 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1518138593-widgets.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56df2e4a58e080a70919b1005082c2f78d9bfe139661e5c55984100653b1f934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56501
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:53:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Feb 2024 13:42:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 154ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4442622547489634&plah=original-pmu.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4743cdcc16710ea5c4f4275f7ef440c6988b2af2db7b07b260dbd0326c2de85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122949
x-xss-protection: 0
server: cafe
etag: 3739221322325755770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame 5099 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 20:03:26 GMT
etag: 10353107486223812946
expires: Sat, 04 Mar 2023 20:03:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

1 MB
1 MB

368ms
249ms

Image
image/jpeg

2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1209057
x-xss-protection: 0
expires: Sun, 19 Feb 2023 20:20:03 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 20:20:03 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 179 KB
60 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4de0c639402f753e4ce8774bacf84a2a92dbec34534fd680c3540f635552e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 22:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60729
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 22:29:52 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 73ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 09:38:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 38485
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sat, 04 Mar 2023 09:38:38 GMT

GET
H2 200 white80.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
208 B 115ms
48ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/white80.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 16:24:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Feb 2023 09:50:52 GMT
server: sffe
age: 100511
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 24 Feb 2023 16:24:52 GMT

GET
H2 200 header_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 424 B
538 B 116ms
49ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:35:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 04:55:04 GMT
server: sffe
age: 179094
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 424
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Feb 2023 18:35:09 GMT

GET
H2 200 tabs_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 185 B
324 B 114ms
47ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/tabs_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:23:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Feb 2023 19:55:46 GMT
server: sffe
age: 298576
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 22 Feb 2023 09:23:47 GMT

GET
H/1.1 200
OK tDbM2oWUg0MKoZw1-LPK8w.woff2
fonts.gstatic.com/s/arvo/v20/ 17 KB
18 KB 74ms
37ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/arvo/v20/tDbM2oWUg0MKoZw1-LPK8w.woff2

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Origin: http://original-pmu.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:32:44 GMT
X-Content-Type-Options: nosniff
Age: 258439
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 17300
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 18:49:01 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 15 Feb 2024 20:32:44 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame DBD1 7 KB
3 KB 173ms
172ms Document
text/html 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1de3cece6343d8b5790b4692cb912d6e04d622759fabc1976515822f7278872

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2606
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 20:20:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 714ms
709ms Stylesheet
text/css 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=3ad56aaf-1154-495d-916e-376335610121

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 20:20:04 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
600 B 234ms
69ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=original-pmu.blogspot.com&callback=_gfp_s_&client=ca-pub-4442622547489634

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4442622547489634&plah=original-pmu.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08fa0baf8b1941ed2745d1a1921ab1ba22115706df977043603e233df0a13388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 212ms
70ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=original-pmu.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 197ms
68ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=original-pmu.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC53 603 B
245 B 198ms
198ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4442622547489634&output=html&adk=1812271804&adf=3025194257&lmt=1676730141&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1676751603308&bpp=23&bdt=225&idt=296&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6374759235035&frm=20&pv=2&ga_vid=1072163166.1676751604&ga_sid=1676751604&ga_hid=1191112534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C44774606%2C31071662%2C31071976&oid=2&pvsid=3769660704535193&tmod=805867633&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 20:20:03 GMT
expires: Sat, 18 Feb 2023 20:20:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame DBD1 54 KB
20 KB 85ms
84ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b04130b467e99434f0fb6dfab008b6b3a45a769e415a2c279fd33211381f132

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 20:20:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "79ab95d7605f8093"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:20:03 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame DBD1 907 B
930 B 47ms
47ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:11:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Feb 2023 02:52:01 GMT
server: sffe
age: 122932
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 24 Feb 2023 10:11:11 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame DBD1 117 B
140 B 47ms
47ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:38:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Feb 2023 04:55:04 GMT
server: sffe
age: 157319
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 24 Feb 2023 00:38:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame DBD1 132 KB
44 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 13:10:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 271ms
139ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cd93eed0961734481acd7d8e12442252d5118cc47f426876c46f965acaa5572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45852
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Feb 2023 20:20:04 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 51ms
17ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "232e2-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 50ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "215ef-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ 753 B
991 B 50ms
17ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "23384-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H/1.1 200
OK geocounter_iframe_css_64.php Show response
geoloc5.geovisite.ovh/private/ Frame 3CCE 166 KB
167 KB 151ms
116ms Document
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 614c6fdafd53af674c7705de4f96d96b29d02b43d6996f17c5fd140de7f3f613

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Feb 2023 20:20:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK pointeur.gif
geoloc5.geovisite.ovh/private/geoloc/ 43 B
257 B 67ms
17ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/private/geoloc/pointeur.gif?|9279n1qjl1j2||1200*1600|windows|en|24|1676751614|||chrome|110||DE|50.10490|8.62950|Frankfurt+am+Main|31173+Services+AB|1676751603|geocounter|0|1676751603|||http%3A//original-pmu.blogspot.com/%3Fm%3D0|NULL
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Last-Modified: Tue, 04 Mar 2008 08:22:49 GMT
Server: lighttpd/1.4.54
Accept-Ranges: bytes
ETag: "2777121996"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 taght.php Show response
www.1clic1don.fr/ Frame DD19 1 KB
1 KB 135ms
96ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/taght.php

Requested by

Host: www.hebdotop.com
URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3bd1393f1ea07721b0f46c9a044b9fde6084912ee1e8e8f3b6755fb928f12b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79b97614be6c2bbe-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 20:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmd20xmPoezfpyUIAYC%2FKpcpdn2T%2BpaNMkMwyorzMqQUtaN%2FEVMq8cWQ7X%2Fb8Z%2FleKQs29bfeoEHjDOgDgMQwtKsgGkd1o9UowsAdpBS2HTbJdWoPVYRQxR0fwIlbNIv2oDPUTkmVXl%2F2%2Bw8X%2BIJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000

GET
H/1.0 200
OK vote81579.eur
www.hebdotop.com/cgi-bin/ 181 B
501 B 44ms
24ms Image
image/png 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hebdotop.com/cgi-bin/vote81579.eur?id=303425
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.0
Server: 212.83.183.115 La Garenne-Colombes, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:18:26 GMT
Via: 1.1 212-83-183-115.rev.poneytelecom.eu:80 (squid/2.7.STABLE9)
X-Cache-Lookup: MISS from 212-83-183-115.rev.poneytelecom.eu:80
Server: Apache/2.2.22 (Debian)
Connection: close
X-Cache: MISS from 212-83-183-115.rev.poneytelecom.eu
Content-Type: image/png

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/originalpmu/feed/ Frame C298 15 KB
6 KB 27ms
26ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/originalpmu/script/feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b7c1472f61d066684e5d4292dd42e499ce037d56a4de2586967153bdb6f005

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79b976147a019136-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 18 Feb 2023 20:20:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u%2B0Azzyhg0vmR2ZmasWYfn24YEripWf553fxyxli9ATMoPXDiNuXFa3Fr6X3t8%2BpfFI05H9gZFTUm8DQiDGWBS9jFjVP9dDrACWx%2BSRZu7jO6V7j%2B5LTnvn4sSYEd53nAEMLyAX6Q5RIee1PaImm6o%2BY4bCYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H3 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
119 B 50ms
49ms Image
image/png 2a00:1450:400d:80d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:42:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2023 18:53:31 GMT
server: sffe
age: 196674
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Feb 2023 13:42:09 GMT

GET
H2 200 rss-fp-1612893811.png
cdn3.pronostic-facile.fr/images/icones/16x16/ Frame C298 739 B
1 KB 55ms
14ms Image
image/png 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 131296
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 739
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLIyETpw0dCeZGqKp3aTfD99%2FPYuKV%2FRhbN39DQiSzQ2EFwFh3zUflISv22DCl297bck6RWYzL1dO4fAMH%2FFQxjdTJj7Bg2Nwj5E15s3EenR9Gyjw5pmxrUuJ9q%2BrH0FsFJq5CDiDaxU1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 79b976151aff9136-FRA
x-amz-cf-id: xuogtxqwht6pvxHUa9bd-DA05yxYFzAEajwtPCgbbJvj3Q1XhpYHHQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C298 110 KB
43 KB 106ms
76ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d658d4cc4c017c551e849f32d7f5fd90f57f185f40f3cf3d88ec8cb8d1d59746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44105
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Feb 2023 20:20:04 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame C298 17 KB
6 KB 130ms
71ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79b976155c0c6904-FRA

GET
DATA 200
OK truncated
/ Frame C298 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 invisible.js Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame AC42 37 KB
16 KB 16ms
15ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676750400
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3dae428ae20dd294de4991aad47e9b433a6bb5f983322644c16ecbd7609e29b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BXqRpMej0BTlSMaL5T%2BQXY6wc%2Fsk8KRJeYrtSqt8WbEhSNNfLkxaCtLkW%2Bh6EeBx0Wfgw8ROQC%2Fq4Df93o%2Ba7yyrWNcYb%2BPUpgKY1ZMKEVa%2BA96xHRP2cbJjuDbMW%2FMCN0Jz6J8YWHYv%2BMa2q04"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79b976156f192bbe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK casquette.png
geoloc5.geovisite.ovh/skin/geocounter/ Frame 3CCE 4 KB
5 KB 17ms
17ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/casquette.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:03 GMT
Last-Modified: Tue, 14 Apr 2015 12:26:12 GMT
Server: lighttpd/1.4.54
ETag: "303213619"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 4348
Expires: Sun, 05 Mar 2023 20:20:03 GMT

GET
H/1.1 200
OK loupe30.png
geoloc5.geovisite.ovh/skin/png/ Frame 3CCE 30 KB
31 KB 51ms
33ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:04 GMT
Last-Modified: Mon, 15 Jan 2007 09:45:09 GMT
Server: lighttpd/1.4.54
ETag: "3728015203"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 31101
Expires: Sun, 05 Mar 2023 20:20:04 GMT

GET
H/1.1 200
OK loupe30.cur
geoloc5.geovisite.ovh/skin/png/ Frame 3CCE 4 KB
4 KB 51ms
18ms Image
application/octet-stream 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.cur
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:04 GMT
Last-Modified: Thu, 16 Apr 2015 09:42:42 GMT
Server: lighttpd/1.4.54
ETag: "1268945244"
Content-Type: application/octet-stream
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 3782
Expires: Sun, 05 Mar 2023 20:20:04 GMT

GET
H/1.1 200
OK globe.gif
geoloc5.geovisite.ovh/skin/geocounter/ Frame 3CCE 168 KB
168 KB 50ms
17ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/globe.gif
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 20:20:04 GMT
Last-Modified: Tue, 28 Apr 2015 14:03:22 GMT
Server: lighttpd/1.4.54
ETag: "343773560"
Content-Type: image/gif
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 171894
Expires: Sun, 05 Mar 2023 20:20:04 GMT

GET
DATA 200
OK truncated
/ Frame 3CCE 123 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b613f50cef15cdb9a187d9edf05aaf12e8543b606d1abff2f21785672d201d67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pica.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/ Frame AC42 18 KB
8 KB 22ms
22ms Other
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5253b01859d7fc2267287582682ad6c44cdafc3e769c11b092c8f132359041f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BLUYbhDOVK%2FaX%2F0wzgUZn7FDwmwMFpLbUiZxYTZqD4Org17VfTwe9tn6CPB9qzhk6%2FrRbWQLyqzy53ZOotAezxGDEX9jcZH8g7esJWezd9d1u%2F%2FNRQh%2FdMg4GTf1OOcFo8b%2Bd2%2FGL8QIGyoRneV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79b97615ee17917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C298 49 KB
20 KB 166ms
47ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 19:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4078
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Feb 2023 21:12:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 175ms
63ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 19:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4078
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Feb 2023 21:12:06 GMT

POST
H3 200 79b97614be6c2bbe Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/ Frame AC42 2 B
668 B 32ms
32ms XHR
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/79b97614be6c2bbe
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676750400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY%2BPCOvqlA9%2FMfn7LLeBFMAN1MXKDDTJRLOTKsAYbIe6XPFtNITo1Cl43JXyhMvA7A6Also7IPc4s6%2Bc0XRppw1VBeVo2ZIdUcnyDMbYUL7NjK2VBE212GrTeNyxzjmKBczUgEMjeYkZyddjfxG3"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 79b97617d90b917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 67ms
67ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1191112534&t=pageview&_s=1&dl=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ul=en-us&de=UTF-8&dt=ORIGINAL-PMU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=882045300&gjid=1453327714&cid=1072163166.1676751604&tid=UA-135619294-1&_gid=1404467820.1676751604&_r=1&_slc=1&gtm=45He32f0n81NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1558204&cd3=357205&cd4=(not%20set)&cd5=classic&z=30914290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://original-pmu.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 20:20:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://original-pmu.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame C298 0
183 B 18ms
17ms XHR
text/plain 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79b9761808a29b58-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c189a4d1530db4c7b9175d125506e4a08a31d9f8519d468e280e82fb83a397e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11327
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 238ms
95ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:20:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 092B 13 KB
5 KB 48ms
47ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 120226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 10:56:18 GMT
expires: Sat, 17 Feb 2024 10:56:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 47FE 783 B
1 KB 124ms
45ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d448aad352f75c81259e10afff9b5f57b66dc1c84da42e458a9de1ac4cf9ead1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GCAiSO_VgOT4ls-3Zyjdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GCAiSO_VgOT4ls-3Zyjdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 20:20:04 GMT
expires: Sat, 18 Feb 2023 20:20:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 092B 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 19:53:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 47FE 0
0 72ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=3769660704535193&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 092B 0
10 B 47ms
47ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7DbCtA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 20:20:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=3769660704535193&bg=!WVqlWg7NAAZYlHKzeJQ7ADkAdvg8WupUjkhiQwHok6ghk487Bbx7DTroOeX_m6ySHUE64E-uUR_TBWnpdf2y-SRvBQad8czJo-UCAAAAXFIAAAACaAEHCgBczblbma4ZG4uD6o9npqoo2WRff-I2jwb9C0SzQ-bxkNPqEFcdNiEt1hqcyYh2HPk3vUNBtIMPvW99YFGJ6W29QMCsMqVYNn_ET50DkyJ_ZhN4uuqbr81ju0jGiQaZAqwuZpfyvEaG-KqNnKpwjRGIT6IJoPscze3ynCKRsMP7pI2uBcsOJ4M5SGPpb0txqd-HlOjE65X-EbfIinXAVsjQDhCNnar7OdFFOPtVj-k8hQWt5-ZD42RL3TfQnqiy9U-Qxb79erwL2Iz-vESgMCgimddAUarp7s0vIgN3DmlmiPiE3LIe8g6GWnzo9UbnQ0mrjr-D3Ub2VRprpazapau8B_uvY6U4ReiNhSBeroQPQbNhVIBcpsB1e7_UZC0UadSrrTMzn5km0sDFEuMzWjwOItPGV8nDoldsF9oBpqoxy-dARXu-nXYYob8pBXHeEa1vXgAMfUCgFV_3WEXYoP8iD4cWacFelqWhhznlAkf6DRO4PvA4q5dW4Rf5M8C3bH2uBTjHdPi5iL6l6PflflzG2rGP8hv25TtKghk2TkmQ8cwej9QnBGiaHLliN6a9SavNH_JZEmA2RBuGGdnTXo3pEa79IPAX-Wf1R9WdQHDv1-A_ENzApL3lUv88N28lkNzxocFidTJ350lrmfTz4st1olkPTuBrJkFUvrAp5QRmCS2TiiF-KS-2JMCHaKvfHYg9jqRISXJ_dDsvDq-VLQ24TXVx876fUtWh32Mp9FUUcw1CcWwSWvxgtgstVcpAjy9K76sZwwWXTKermrzzvFvHbiAgtgmXT8ni-FeDDy3ewldceKuLHS9A1eS7rJb5q8g8YVHkN1xc2Y4tJUSek3ZwWiBeqzqqy7OuXjIitNX7HsDOav9ksEEhC5bZtsICVUURTLbV4fqIrBO98rxiwOzQuX0Q2nZkbxlVAFpvhe_jXxRlo0izlgka0sZZMJjHwlyCPEhur1Th-Lpqqrwu694YJ4sstWW8nGQxudjCn9WsE15rpe9K8EmYtrHNsVlD0q4mHSJK-wkt1Ia-A0Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 09:45:52	Name: test_cookie Value: CheckForPermission
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 67e26a3f-da6a-42ac-8d6a-bbc26afac90d
.allopass.com/	1970-01-20 18:31:27	Name: AP_CUSK Value: 3606818617
original-pmu.blogspot.com/	1970-01-20 09:55:56	Name: acceptcookie Value: ok
.original-pmu.blogspot.com/	1970-01-20 19:21:51	Name: _ga Value: GA1.3.1072163166.1676751604
.original-pmu.blogspot.com/	1970-01-20 09:47:18	Name: _gid Value: GA1.3.1404467820.1676751604
.original-pmu.blogspot.com/	1970-01-20 09:45:51	Name: _gat_UA-135619294-1 Value: 1
.1clic1don.fr/	1970-01-20 09:45:53	Name: __cf_bm Value: tp6siZgxQVfJWUTnYLI.K.KuXbBi7LHJIdzqvJ_utfQ-1676751604-0-AalAKEr5A+sFbeaJm4iqlfgtj59G6+oc2jFb7FhzLhY0w/FoMISt9aaS+YuR2ix1PwW1VPEd5cpF2ChDyu1vccmvjKJ/SR9AsDWZ5hxflIpnDVPoY8Y+qVve5BkDV35ilbjryrsp9frC14wpJ6AMu5Q=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
apis.google.com
blogs.netoo.com
cdn3.pronostic-facile.fr
fonts.gstatic.com
geoloc5.geovisite.ovh
googleads.g.doubleclick.net
img.root-top.com
nsm08.casimages.com
original-pmu.blogspot.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
resources.blogblog.com
static.cloudflareinsights.com
themes.googleusercontent.com
tpc.googlesyndication.com
uhit.eu
www.1clic1don.fr
www.allosponsor.com
www.blogger.com
www.geny.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hebdotop.com
www.pronostic-facile.fr
www.rapidoweb.free.fr
www.root-top.com
www.uhit.eu
185.119.26.1
188.165.42.17
195.210.43.78
212.27.63.105
212.83.183.115
2606:4700:3034::6815:15de
2606:4700:3034::ac43:c8d8
2606:4700:3038::6815:ea1a
2606:4700::6810:3865
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:831::2002
2a00:1450:400d:803::2001
2a00:1450:400d:803::2002
2a00:1450:400d:804::2008
2a00:1450:400d:805::2002
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2001
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2009
2a06:98c1:3120::c
34.102.200.23
5.196.53.228
54.36.176.112
91.121.164.142
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7
045016cd808cbfebba02118beca72b23cf8b719b820ea221ca477b25e9c7d730
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
08fa0baf8b1941ed2745d1a1921ab1ba22115706df977043603e233df0a13388
0f1917620a3a33ca16e84bb58ea89ee48dad221de013bfa383ab245c641f81f6
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711
1af0b2990efdc47bdd80975ec2535fa0b19df2e5de2249899b948bc856fc8c0b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21b49318fd4b1f5d1bdb2e53293c578dce16464189cb2188d4cac11f62e1598f
2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7
235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
30b95bb1ac561c7e1da96ab7192305a5030bf2da5810164a86c6016e79452d74
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
3b04130b467e99434f0fb6dfab008b6b3a45a769e415a2c279fd33211381f132
3b9ed92648425393a41f6eaec5d1c1d992c91029ad1704da4cc6a3fe5d98cf99
3c189a4d1530db4c7b9175d125506e4a08a31d9f8519d468e280e82fb83a397e
40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262
428921331c37e4949f9a73bea7e09750840b551e786090f36d211de7b21329e8
42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2
43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5
45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929
4743cdcc16710ea5c4f4275f7ef440c6988b2af2db7b07b260dbd0326c2de85d
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56df2e4a58e080a70919b1005082c2f78d9bfe139661e5c55984100653b1f934
587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a527cfabf94d3ace7d53a4a73a0276c7ebee45ef23dfeeb249d1cd240133398
5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed
614c6fdafd53af674c7705de4f96d96b29d02b43d6996f17c5fd140de7f3f613
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c358d01d2ca3161faa7ce60bcba0d144f8f62db451d7297e8b5f8f2ef91e55
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0
6d33df85d8282f5b740fb81434d53934556ba18115d5cd8a62b47d63a3b74ac6
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39
806840fbe32370e4ea83aada8dc11b827f44dda07e300c10655e7c95e7207506
89b7c1472f61d066684e5d4292dd42e499ce037d56a4de2586967153bdb6f005
8cd93eed0961734481acd7d8e12442252d5118cc47f426876c46f965acaa5572
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
99cc06e9ff11236fc96dfbc21c6009253a0ac0a28c5dfb08af429d71c8e7edc5
9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5253b01859d7fc2267287582682ad6c44cdafc3e769c11b092c8f132359041f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3147b983dfa9a6d639132d62169670bef95fe79d0b1fe28672d637420f86dc3
b54af5a0949a40cde9b1cddc22374a0f13430856bdd24a874daa42e78b71aff9
b613f50cef15cdb9a187d9edf05aaf12e8543b606d1abff2f21785672d201d67
ba34a018e01c7a7d8accdc0f634cb78dd96f7035d90f9d7ce348738844146411
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c3054d07bc05373f5006dd8650d1d22c5066205afcfae576b40eac84ea4b7984
c4de0c639402f753e4ce8774bacf84a2a92dbec34534fd680c3540f635552e8a
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf13ceb574c904b930e10cc89f720660497b034cb180cf8c6f1c8868ba6db6ca
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d3bd1393f1ea07721b0f46c9a044b9fde6084912ee1e8e8f3b6755fb928f12b9
d448aad352f75c81259e10afff9b5f57b66dc1c84da42e458a9de1ac4cf9ead1
d658d4cc4c017c551e849f32d7f5fd90f57f185f40f3cf3d88ec8cb8d1d59746
d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865
de1ee509060215881fd23894aa529300d6ee23322a68c2bd76f092c763e8c8f3
e1de3cece6343d8b5790b4692cb912d6e04d622759fabc1976515822f7278872
e26c4d3c9563fa13dd2c64c5c4f8cb7bb75dac5e9df959cc6f6e0bc0e5cb2c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81dd64492df82aa57c8f76be1c6db52f864eec1cbcc9d008016adc405bafee0
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
f3dae428ae20dd294de4991aad47e9b433a6bb5f983322644c16ecbd7609e29b
f98be1cae955be1c6b5bb126cc54d3c4831569f9ae7aab1dd5c41c9c84f99fd2

original-pmu.blogspot.com Open in urlscan Pro 2a00:1450:400d:80c::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

66 %HTTPS

67 %IPv6

25 Domains

32 Subdomains

27 IPs

4 Countries

2562 kBTransfer

3880 kBSize

8 Cookies

52 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:400d:80c::2001 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

66 %
HTTPS

67 %
IPv6

25
Domains

32
Subdomains

27
IPs

4
Countries

2562 kB
Transfer

3880 kB
Size

8
Cookies

87 HTTP transactions
2 data transactions