turfvoyance.blogspot.com Open in urlscan Pro
2a00:1450:4001:803::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turfvoyance.blogspot.com/?m=1
Submission: On October 20 via manual (October 20th 2021, 7:46:03 am UTC) from DE — Scanned from DE

Summary HTTP 53 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 53 HTTP transactions. The main IP is 2a00:1450:4001:803::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is turfvoyance.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on September 13th 2021. Valid for: 2 months.

This is the only time turfvoyance.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	51.254.50.144 51.254.50.144	16276 (OVH) (OVH)
1	2001:41d0:a:7... 2001:41d0:a:7c5c::	16276 (OVH) (OVH)
2	213.246.57.128 213.246.57.128	21409 (IKOULA) (IKOULA)
6	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.254.1.54 178.254.1.54	42730 (EVANZOAS) (EVANZOAS)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
53	18

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

turfvoyance.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.254.50.144 (France)

ASN16276 (OVH, FR)
PTR: ip144.ip-51-254-50.eu

www.maxannu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:a:7c5c:: (France)

ASN16276 (OVH, FR)

www.top-france.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.246.57.128 (Paris, France)

ASN21409 (IKOULA, FR)
PTR: www.allosponsor.com

www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital

www.zeitverschiebung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googleusercontent.com lh5.googleusercontent.com lh4.googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	134 KB
11	google.com 5 redirects apis.google.com accounts.google.com www.google.com	176 KB
7	blogger.com 1 redirects www.blogger.com	101 KB
4	blogspot.com turfvoyance.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	66 KB
3	pronostic-facile.fr www.pronostic-facile.fr cdn3.pronostic-facile.fr	8 KB
3	blogblog.com resources.blogblog.com	1 KB
2	google-analytics.com www.google-analytics.com	39 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	46 KB
2	hebdotop.com www.hebdotop.com	945 B
2	paypalobjects.com www.paypalobjects.com	2 KB
1	zeitverschiebung.net www.zeitverschiebung.net	2 KB
1	top-france.com www.top-france.com	2 KB
1	maxannu.com www.maxannu.com	7 KB
53	15

	Domain	Requested by
7	www.blogger.com	1 redirects turfvoyance.blogspot.com www.blogger.com apis.google.com
6	apis.google.com	turfvoyance.blogspot.com apis.google.com www.blogger.com
6	lh3.googleusercontent.com	turfvoyance.blogspot.com www.blogger.com
4	www.google.com	4 redirects
4	lh4.googleusercontent.com	turfvoyance.blogspot.com
3	resources.blogblog.com	turfvoyance.blogspot.com
3	lh6.googleusercontent.com	turfvoyance.blogspot.com
3	lh5.googleusercontent.com	turfvoyance.blogspot.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.zeitverschiebung.net www.pronostic-facile.fr
2	www.pronostic-facile.fr	turfvoyance.blogspot.com www.pronostic-facile.fr
2	www.hebdotop.com	turfvoyance.blogspot.com
2	www.paypalobjects.com	turfvoyance.blogspot.com
2	turfvoyance.blogspot.com	turfvoyance.blogspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn3.pronostic-facile.fr	www.pronostic-facile.fr
1	ajax.googleapis.com	www.zeitverschiebung.net
1	fonts.googleapis.com	www.zeitverschiebung.net
1	accounts.google.com	1 redirects
1	www.gstatic.com	apis.google.com
1	www.zeitverschiebung.net	turfvoyance.blogspot.com
1	1.bp.blogspot.com	turfvoyance.blogspot.com
1	www.top-france.com	turfvoyance.blogspot.com
1	www.maxannu.com	turfvoyance.blogspot.com
1	3.bp.blogspot.com	turfvoyance.blogspot.com
53	25

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.succes-turf.com
www.rapidoweb.free.fr
www.maxannu.com
www.top-france.com
www.hebdotop.com
www.zeitverschiebung.net

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-09-28` - `2022-01-11`	3 months	crt.sh
maxannu.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
top-france.com R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
www.hebdotop.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-09` - `2022-02-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
zeitverschiebung.net R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://turfvoyance.blogspot.com/?m=1
Frame ID: 481052D611F053B80973D31F6A7A5952
Requests: 34 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
Frame ID: 2AC2E44DBB57CC631D8B1E2139847A5B
Requests: 6 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Frame ID: 65A0430519D62C7D1F4968342879D004
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1
Frame ID: E6D22AD3AC6E4B37F6979442CCA416D0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turfvoyance: le site de référenceTurfvoyance: le site de référence pronostic 100% fiable

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

688 kB
Transfer

1588 kB
Size

1
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/12604722461568637656
Title: Turfvoyance

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=4410951185181139532

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4410951185181139532&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4410951185181139532&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4410951185181139532&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4410951185181139532&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=4410951185181139532&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=2492652275740115152

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2492652275740115152&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2492652275740115152&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2492652275740115152&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2492652275740115152&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=2492652275740115152&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=6355695702384984008

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6355695702384984008&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6355695702384984008&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6355695702384984008&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6355695702384984008&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=6355695702384984008&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=3039089011485393593&postID=1033761603483487704

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1033761603483487704&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1033761603483487704&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1033761603483487704&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1033761603483487704&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3039089011485393593&postID=1033761603483487704&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.succes-turf.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=2080

Search URL Search Domain Scan URL

URL: https://www.maxannu.com/turf/

Search URL Search Domain Scan URL

URL: https://www.top-france.com/humour-et-jeux/

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/partenaires/hit.php3?sp=997

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Signaler un abus

Search URL Search Domain Scan URL

URL: https://www.zeitverschiebung.net/fr/timezone/europe--paris
Title: Heure actuelleEurope/Paris

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https://turfvoyance.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.9OTyQk26M2k.O/am%253DAQ/d%253D1/rs%253DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://turfvoyance.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.9OTyQk26M2k.O/am%253DAQ/d%253D1/rs%253DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/m%253D__features__%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1

Request Chain 48

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Request Chain 49

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Request Chain 50

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Request Chain 51

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5 HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
turfvoyance.blogspot.com/ 210 KB
22 KB 429ms
364ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3e8b066cdea4203e5a4a234a989c2e76cc73cde51a465d462f4de5ce462f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: turfvoyance.blogspot.com
:scheme: https
:path: /?m=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Wed, 20 Oct 2021 07:45:58 GMT
date: Wed, 20 Oct 2021 07:45:58 GMT
cache-control: private, max-age=0
last-modified: Tue, 19 Oct 2021 21:17:58 GMT
etag: W/"a523a6aba0b4c6c404c100c2f021ac79517985d41b8a3a629543bfd4ce533d50"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22473
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 98ms
16ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:32:41 GMT
x-content-type-options: nosniff
age: 569597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36164
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 23:52:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 13 Oct 2022 17:32:41 GMT

GET
H2 200 fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d
lh5.googleusercontent.com/proxy/ 94 KB
95 KB 69ms
29ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/fuOpqLt6R2N2eYy8gblXUajZ6S1jVPUBvek4XushBYdCwckodzVr0sIjt9sRvubVtl9gCPUseYxLpVSO_2TvMbtquvg=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60d894af07b9c9f92c11e465275e4d58b22a489fe14d5897baba5c6219d7e679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96349
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 btn_buynowCC_LG.gif
www.paypalobjects.com/fr_XC/i/btn/ 2 KB
2 KB 132ms
39ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/btn/btn_buynowCC_LG.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e42337df62f1403bd434f1a1b7118653a05fc9471d2a002757b711cb0f5a580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 05:28:17 GMT
server: Akamai Image Manager
etag: "5d5637c2-dd3"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1832
expires: Wed, 20 Oct 2021 19:45:58 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/fr_XC/i/scr/ 42 B
290 B 128ms
35ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/fr_XC/i/scr/pixel.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 02:07:40 GMT
server: Akamai Image Manager
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-transform, max-age=43200
content-length: 42
expires: Wed, 20 Oct 2021 19:45:58 GMT

GET
H2 200 AtteleAnim_70.gif
3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/ 6 KB
7 KB 89ms
36ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ILP-5FZwTxI/VeCuDhOsvzI/AAAAAAAAAHk/0y-fdo6caVQ/w40-h37/AtteleAnim_70.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="AtteleAnim_70.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6512
x-xss-protection: 0
server: fife
etag: "v7a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Oct 2021 14:47:49 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7
lh4.googleusercontent.com/proxy/ 225 B
282 B 47ms
26ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w8-h7

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d
lh4.googleusercontent.com/proxy/ 231 B
291 B 44ms
24ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/tiR7ZavVRPP0yic20aezEK84TWqfSH6oQdBndqNoUX6CiCVvin2zfNodGCnr8_nHCAkIKrB2vSQRwZqBid1_h9dH7BeAvwv6AABqsyJCKciM=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e971293eecbd4743e971d335d7c2eecaeaec0e78fd35003546fa7125c6e707c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d
lh6.googleusercontent.com/proxy/ 281 B
341 B 45ms
27ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/Y6jUy_iM4XEj558ibqmpXFxmaMqHU9HrfoXavgAvBNvfYaQJUJyxiG7kbQRTVD-oUHGbG5jgaVqoymtBELoIHPS8wu9VqMGNSFHwvsqoIQWT=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a28bc4a27ef2f61aae34506b9ea5f8ee5156bee3e5621ce85fdcdc26ce13df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d
lh6.googleusercontent.com/proxy/ 157 B
218 B 44ms
25ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/4bELEB4G-DbRUtFD42np713SOG6p6_FfTka4blitd39wCQPErvoFvQ2_rPQCCfFQR4fnwR_yWGnif70eVPfsnnkkOPqvZIjKXnvZ8XMjAllN=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7b17f86e12cea8945b8a2266909ee2a96da67e568bdf19bb73fcf331ec18d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d
lh4.googleusercontent.com/proxy/ 225 B
285 B 43ms
24ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 29ms
26ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/WK0RYWgm1_SLfaR0O2jU19m6TOnXQelMD2mD_sGIyu2aAi7MY5i5SF56ASjAr8f7JmTFr9ALL8s4XLqma7dG-65jixY76RCwPJgLCBGcxqVL4-7BnRA=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58a94b1a2f14438fd6a8ebd92d8ce8fd07a7073145e23af346f47cff3bdfb205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2281
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13
lh4.googleusercontent.com/proxy/ 225 B
305 B 45ms
26ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/yrxHJOodnIKi2Uipux6Dg0FbRTFkA8FLwgtRN9YkL1aaOMDGiMr5u-uoWsKWDf_SnTg4GNgDKoIvy1Q5NXRBZR-AOlurL7RL8OLu6KgzbxyH=w37-h13

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 icon18_email.gif
resources.blogblog.com/img/ 164 B
303 B 29ms
26ms Image
image/gif 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_email.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 06:33:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 18:53:03 GMT
server: sffe
age: 522719
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 21 Oct 2021 06:33:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 117ms
115ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=c0e5971a-1f79-4489-9ace-60871a9574e3

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Oct 2021 07:45:58 GMT
server: GSE
date: Wed, 20 Oct 2021 07:45:58 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d
lh5.googleusercontent.com/proxy/ 11 KB
11 KB 30ms
28ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/1LhV-gEi50KSEPcg-8KsAEuNwMUvkFzlIaOys7TaTVO3wLFe-oQSUrLH7FX_VzyTIsV_Y9Q1-1CuWkDtfJLWibHdxoUWkGFdtw=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e7fafb5276ad34b1faecff7789d7d7a36234a6b6873938021bc28687c05afe27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11157
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d
lh6.googleusercontent.com/proxy/ 2 KB
2 KB 34ms
17ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:48:35 GMT
x-content-type-options: nosniff
server: fife
age: 14243
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1762
x-xss-protection: 0
expires: Thu, 21 Oct 2021 03:48:35 GMT

GET
H/1.1 200
OK max88.gif
www.maxannu.com/ 7 KB
7 KB 119ms
14ms Image
image/gif 51.254.50.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maxannu.com/max88.gif

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.254.50.144 , France, ASN16276 (OVH, FR),

Reverse DNS

ip144.ip-51-254-50.eu

Software

Apache / PleskLin

Resource Hash

d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 07:45:58 GMT
ETag: "1acd-499a8d6f860c0"
Last-Modified: Wed, 12 Jan 2011 16:39:07 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6861
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Nov 2021 07:45:58 GMT

GET
H/1.1 200
OK top88.png
www.top-france.com/ 2 KB
2 KB 127ms
18ms Image
image/png 2001:41d0:a:7c5c::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-france.com/top88.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:a:7c5c:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 07:45:58 GMT
ETag: "67f-589037095a746"
Last-Modified: Thu, 16 May 2019 16:05:50 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1663
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Nov 2021 07:45:58 GMT

GET
H/1.1 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 436 B
556 B 333ms
19ms Script
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 Paris, France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8656283d9838c7ce4e6b956a150fce2422aad7b4cd29ee898682a4d47c8f6b33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 07:45:57 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100

GET
H2 200 sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d
lh5.googleusercontent.com/proxy/ 4 KB
4 KB 17ms
15ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/sgngLku0Ia98M23ut8AKPKY5RzDinzCH8nHR7XeyIPyvjmuCNa1tYZ76E_Ejvm5j0oTuIS3U1AJ-uRx3YoDdcyazCJECqsPZ=s0-d

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f2a064f0f83b6c30b35990181033cd436ebebedce644fd9a1014e2110c45b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:45:50 GMT
x-content-type-options: nosniff
server: fife
age: 7208
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4414
x-xss-protection: 0
expires: Thu, 21 Oct 2021 05:45:50 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 103ms
61ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AhLx081IgjkK3gbSyi2TUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-AhLx081IgjkK3gbSyi2TUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 20 Oct 2021 07:45:58 GMT

GET
H2 200 pmummmmmm.jpg
1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/ 30 KB
30 KB 54ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yZLqIaBFfdU/YRK2QzQ2FiI/AAAAAAAAADo/Gc2NWwyVKpsvM-_reKYx2EpLVC8--o-oACLcBGAsYHQ/s491/pmummmmmm.jpg

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v3b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pmummmmmm.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30224
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:58 GMT

GET
H2 200 feed Show response
www.pronostic-facile.fr/widget/turfvoyance/script/ 245 B
950 B 235ms
180ms Script
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 3
date: Wed, 20 Oct 2021 07:45:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt4ZzWA3kkXN7313BdheU3RY1YCwC2mypnPgWH9cwF8Ix5ZP4AJ%2FI8dnWzkSE3BnB0dPPIApHq9Y%2FujGRaFLMAnBcmbuoUf1G%2F7kDRILxYUAcOVc0jBLBAtEXKw6I59pbtVg%2BRb1nr5uue6spVsIvIr63wQyeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 6a10a13369e1375c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
turfvoyance.blogspot.com/js/ 6 KB
7 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://turfvoyance.blogspot.com/js/cookienotice.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: turfvoyance.blogspot.com
referer: https://turfvoyance.blogspot.com/?m=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 22:51:07 GMT
x-content-type-options: nosniff
age: 118491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6513
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 21:53:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 25 Oct 2021 22:51:07 GMT

GET
H2 200 3210254948-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3210254948-widgets.js

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 02:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56872
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 18:53:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 18 Oct 2022 02:06:58 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
516 B 20ms
18ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 01:01:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Oct 2021 00:51:39 GMT
server: sffe
age: 24245
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 27 Oct 2021 01:01:53 GMT

GET
H2 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
301 B 20ms
19ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:11:54 GMT
x-content-type-options: nosniff
age: 135244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:52:18 GMT
server: sffe
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 25 Oct 2021 18:11:54 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 21ms
21ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:00:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 Oct 2021 06:49:28 GMT
server: sffe
age: 243913
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 24 Oct 2021 12:00:45 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 487ms
487ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3039089011485393593&zx=c0e5971a-1f79-4489-9ace-60871a9574e3

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Oct 2021 07:45:58 GMT
server: GSE
date: Wed, 20 Oct 2021 07:45:58 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vote27670.eur
www.hebdotop.com/cgi-bin/ 181 B
389 B 19ms
19ms Image
image/png 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hebdotop.com/cgi-bin/vote27670.eur?id=308212
Requested by: Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 Paris, France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 07:45:57 GMT
Server: Apache/2.2.22 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 204 KB
69 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c43269b5c0996ce44e1549fbab1fa2646828e807d5a5105363d847d127b01280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70181
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:48:41 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 3 KB
751 B 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc88265d5a48e7dd8ca1546453cc85e491a2a1ae73bbfd032692deb9ecc89688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 658
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:51:43 GMT

GET
H2 200 clock-widget-iframe-v2 Show response
www.zeitverschiebung.net/ Frame 2AC2 5 KB
2 KB 50ms
18ms Document
text/html 178.254.1.54
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Requested by

Host: turfvoyance.blogspot.com
URL: https://turfvoyance.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

hello-world.digital

Software

nginx / PHP/7.3.31 PleskLin

Resource Hash

3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: www.zeitverschiebung.net
:scheme: https
:path: /clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 07:45:58 GMT
content-type: text/html; charset=UTF-8
content-length: 1908
x-powered-by: PHP/7.3.31 PleskLin
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: BYPASS
strict-transport-security: max-age=15768000; includeSubDomains

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/turfvoyance/feed/ Frame 65A0 14 KB
6 KB 61ms
60ms Document
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/script/feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566af9871dd5a98a1b2b57550a61b8219e123efac63c85cb773e8e34280a94eb

Request headers

:method: GET
:authority: www.pronostic-facile.fr
:scheme: https
:path: /widget/turfvoyance/feed/all
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-runtime: 1
cache-control: private, max-age=0, must-revalidate
set-cookie: _pronostic_facile_session=BAh7BzoPc2Vzc2lvbl9pZCIlMjdmNDE4ODhlY2Y3MTIxZjEzYThhZjY2MGE1N2NmODQ6DHJlZmVyZXIiJmh0dHBzOi8vdHVyZnZveWFuY2UuYmxvZ3Nwb3QuY29tLw%3D%3D--178fc9ad4795a5d7b50b1287304a32053d05d388; path=/; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUjUdL1O8B2rmICJ3xllbsYkoVnxd9XdRVPmWFIW%2Fx8teePtjlOmxbv6x4Uq9SH0QbAbDgJXdcWQujI8rv8q83zhMKXaOd1Z3a8FISvNxe5eqfqPzLsYJRRWsOkU%2FCi2Dghx%2BSyXiGJGE1oS94zFlU05HJXkwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a10a1356c97375c-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 81 KB
29 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e724117f12124e5782948a79c4cd2d34028b4eae4c70524ff66fa58eecd11210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29430
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 22:11:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="product-feedback-gathering"
expires: Wed, 20 Oct 2021 08:21:29 GMT

GET
H2

200

followers.g Show response
www.blogger.com/ Frame E6D2
Redirect Chain

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3039089011485393593%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMW...
https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZ...

7 KB
2 KB

186ms
185ms

Document
text/html

2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d14c6cdbae8d740f036d27e1f84053a9a4bddbc334622ea8a6653a8b5ead3877

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turfvoyance.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://turfvoyance.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 20 Oct 2021 07:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2353
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 20 Oct 2021 07:45:59 GMT
location: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-Emovgs2Pu2Udenr7OmPN2Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 474
server: GSE
set-cookie: __Host-GAPS=1:WkngxFz2wHtvnKQ9zhP-hdE3ZHz4FA:_Mxv33rtgGebQ9vJ;Path=/;Expires=Fri, 20-Oct-2023 07:45:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ Frame 2AC2 3 KB
1 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 07:30:29 GMT
server: ESF
date: Wed, 20 Oct 2021 07:45:58 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 07:45:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 2AC2 95 KB
34 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 18 Oct 2022 17:21:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2AC2 91 KB
36 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f46a333e504d3f5ecf7b976ebdadd891d7b8e057483c3df7a0d9ad18319cf654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36777
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 07:45:58 GMT

GET
H2 200 rss-fp-1612893811.png
cdn3.pronostic-facile.fr/images/icones/16x16/ Frame 65A0 739 B
1 KB 35ms
23ms Image
image/png 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
via: 1.1 1b96443527f684c809162d975cdd968f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1730906
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 739
cf-request-id: 082990661d00002c010b162000000001
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2FTW6esNKWWJ8qPdZ7QxtILLMjbGFQt36IXaE5tFBp9MXXoMw8bBfWzu6rs8DKB1o2EfY2F6Ctvtr%2FbhNp85ijUk8f5lNUcQfXhEjKWCVGJxm62F%2BnpsBg%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6a10a1361d76375c-MXP
x-amz-cf-id: TrTWqH1PAywAYNORCco2Pns-fOUUhHLU-vE42iTzOxqhDHtnInKGPg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 65A0 91 KB
36 KB 66ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/turfvoyance/feed/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a76be719bf0ab80e040577c5494110c6f8140680f61830cff26c9154718fcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36778
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 07:45:58 GMT

GET
DATA 200
OK truncated
/ Frame 65A0 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 2AC2 16 KB
17 KB 54ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zeitverschiebung.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:06:43 GMT
x-content-type-options: nosniff
age: 484755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16736
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 17:06:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 65A0 48 KB
20 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 3541
date: Wed, 20 Oct 2021 06:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 20 Oct 2021 08:46:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2AC2 48 KB
19 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 3541
date: Wed, 20 Oct 2021 06:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 20 Oct 2021 08:46:57 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ Frame E6D2 52 KB
20 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=3039089011485393593&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByNhYjZjMWYqByNGQ0U4QjIyByMwMDAwMDA6ByMwMDAwMDBCByNhYjZjMWZKByM5NDk0OTRSByNhYjZjMWZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fturfvoyance.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RH2Wm/yqKoAvkj1kl40hUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-RH2Wm/yqKoAvkj1kl40hUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 20 Oct 2021 07:45:59 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame E6D2 147 KB
50 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51558
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 08:44:10 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame E6D2 36 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d80cf5756d947df0137f87c15656732f2209aef2d77cf95f0369c3ac9e6466a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12049
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:46:55 GMT

GET
H2

200

AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
lh3.googleusercontent.com/a-/ Frame E6D2
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMi2r7ylj5z83AEiC3ZjYXJkX3Bob3RvKig2MTQ5ZDIyY2I0NDEyNzhjOGRmYmE3NDAxZmNiZGRmYjNkYzUzN2E4MAEFOaJ3EK10VbxJqkJ7Jvs40D4VTQ
https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

4 KB
5 KB

29ms
29ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v3b69"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4579
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjTyiTEENjUSpR_m0UYz6bWAnI10MSqBE0VFcMJog=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-Y97xNXqapdmD45XWpiG/gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-Y97xNXqapdmD45XWpiG/gw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
lh3.googleusercontent.com/a-/ Frame E6D2
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABCCOXbidrJ8s53Igt2Y2FyZF9waG90byooMDFjOGVhMGUwNGZjMjg1MjBjMDhkOGUwZTE4ZTNkZmI1YzA5NDZhNTABIsLwS-w72jw6tNmxWWGWti0aeuw
https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

4 KB
4 KB

30ms
30ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: fife
etag: "vd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4218
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgLDAlEB8iG-xWTw2KMhizxN4azjcgyTc9icJ-l=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-bHgl64B7BtyXoMr7OOcLKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-bHgl64B7BtyXoMr7OOcLKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
lh3.googleusercontent.com/a-/ Frame E6D2
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKigxYTNhNTc5YjdhZDE1YTE4NTNlYWIwYjQ2MzRlOTBiYmEyMDQ5YmNjMAFU5urul_rFpTNovfRS1YKGLLZx3A
https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

3 KB
3 KB

15ms
15ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:08:15 GMT
x-content-type-options: nosniff
age: 2264
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3067
x-xss-protection: 0
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:21:42 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhjDCh8J7mIyxBVmVmBBSmt09d45MSSD6qcIhtT=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-ibYc3WjMbEZdPie+VvN7rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-ibYc3WjMbEZdPie+VvN7rw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
lh3.googleusercontent.com/a-/ Frame E6D2
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJGzmdrtmNOpfiILdmNhcmRfcGhvdG8qKDkzYjI2ZGQ3YTZiZTU4MDViNDM5OThjY2RkNzdiMGU0ZmYzYjE4MTUwAQcTjV1Odh9oqg3DstvEkMokElD5
https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

5 KB
5 KB

31ms
30ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v4ad"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5530
x-xss-protection: 0
expires: Thu, 21 Oct 2021 07:45:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 07:45:59 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
x-frame-options: SAMEORIGIN
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhI04DF7nR_MPGbUZakNzRPOoKS23CbHAu17PXpaA=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-z2K/uZTRckCPokbGrbIEcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-z2K/uZTRckCPokbGrbIEcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default-user=s45-c
lh3.googleusercontent.com/a/ Frame E6D2 316 B
434 B 18ms
17ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/default-user=s45-c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:25:41 GMT
x-content-type-options: nosniff
age: 8418
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Oct 2021 05:25:41 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 02:28:47	Name: NID Value: 511=mAtsfqrzcNAQY86t72OpIeDaN-JQsFKEx4OZHlFyvCsRpIaVV3WC_zO5d_6mFW1nKxr9cYL45k3RuA9x1IjdW0JrkF5Hu4ltezxfGZetyywYA_DjIMXG_qe5A8SUzAHk0WOz25txcrxsabNO8SB3JMdP_pxRbmqATIQ2WuHEugs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
apis.google.com
cdn3.pronostic-facile.fr
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
resources.blogblog.com
turfvoyance.blogspot.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.hebdotop.com
www.maxannu.com
www.paypalobjects.com
www.pronostic-facile.fr
www.top-france.com
www.zeitverschiebung.net
104.111.228.123
178.254.1.54
2001:41d0:a:7c5c::
213.246.57.128
2606:4700:3034::ac43:c8d8
2a00:1450:4001:802::2003
2a00:1450:4001:802::2009
2a00:1450:4001:803::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::200d
51.254.50.144
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0a76be719bf0ab80e040577c5494110c6f8140680f61830cff26c9154718fcae
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0dcd504d9092c4f44f60de4168e0711ff0b062d3306bf91b9efc9522134cda2c
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
2a28bc4a27ef2f61aae34506b9ea5f8ee5156bee3e5621ce85fdcdc26ce13df1
2e966b3402343a48652b6ca544d35480c652b337ef8242d85103ba9f91f0847d
328878c68065e40d660ad007779bfeb6b8e7b06e02dc96f91ca8c04e71119c51
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565
42c101ed2f5648ed63a63e0a142e64110ef49d13bbe2dfc5527070488967f85d
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
4f2a064f0f83b6c30b35990181033cd436ebebedce644fd9a1014e2110c45b1a
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
566af9871dd5a98a1b2b57550a61b8219e123efac63c85cb773e8e34280a94eb
56de4f5abfaadaf18f849b27be85cab2babec47589fda74cd3e1d673f4edec16
58a94b1a2f14438fd6a8ebd92d8ce8fd07a7073145e23af346f47cff3bdfb205
5e971293eecbd4743e971d335d7c2eecaeaec0e78fd35003546fa7125c6e707c
60d894af07b9c9f92c11e465275e4d58b22a489fe14d5897baba5c6219d7e679
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69d2a48d69d1c529320b56167839222bed9656bf231dda7818eb7a32d1ee8aec
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
7b17f86e12cea8945b8a2266909ee2a96da67e568bdf19bb73fcf331ec18d1f2
7e336a14c52d3cee99f2eceb3e841453581452f4970dcdf5a9bcfada14e1620d
8656283d9838c7ce4e6b956a150fce2422aad7b4cd29ee898682a4d47c8f6b33
9859de9304c3f048cd6451e04564446faee69f6c06b80ed003701905f9e7a5e9
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
c3e8b066cdea4203e5a4a234a989c2e76cc73cde51a465d462f4de5ce462f63b
c43269b5c0996ce44e1549fbab1fa2646828e807d5a5105363d847d127b01280
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
d14c6cdbae8d740f036d27e1f84053a9a4bddbc334622ea8a6653a8b5ead3877
d4b3765a539672defd8114ed24664cf3ea2660abe454cd021be1df9b43002eb8
d80cf5756d947df0137f87c15656732f2209aef2d77cf95f0369c3ac9e6466a8
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
dc88265d5a48e7dd8ca1546453cc85e491a2a1ae73bbfd032692deb9ecc89688
e42337df62f1403bd434f1a1b7118653a05fc9471d2a002757b711cb0f5a580e
e724117f12124e5782948a79c4cd2d34028b4eae4c70524ff66fa58eecd11210
e7fafb5276ad34b1faecff7789d7d7a36234a6b6873938021bc28687c05afe27
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f25918443016d607f44e9304001cb2cf31c52e6ff41668fcd75c254343a379f1
f46a333e504d3f5ecf7b976ebdadd891d7b8e057483c3df7a0d9ad18319cf654
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

turfvoyance.blogspot.com Open in urlscan Pro 2a00:1450:4001:803::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

79 %IPv6

15 Domains

25 Subdomains

18 IPs

4 Countries

688 kBTransfer

1588 kBSize

1 Cookies

35 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turfvoyance.blogspot.com Open in urlscan Pro
2a00:1450:4001:803::2001 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

25
Subdomains

18
IPs

4
Countries

688 kB
Transfer

1588 kB
Size

1
Cookies

53 HTTP transactions
1 data transactions