mariacourse.blogspot.com Open in urlscan Pro
2a00:1450:4001:80e::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mariacourse.blogspot.com/?m=1
Submission: On July 04 via manual (July 4th 2022, 5:21:56 pm UTC) from BF — Scanned from DE

Summary HTTP 69 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 69 HTTP transactions. The main IP is 2a00:1450:4001:80e::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is mariacourse.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on June 6th 2022. Valid for: 3 months.

This is the only time mariacourse.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	178.254.1.54 178.254.1.54	42730 (EVANZOAS) (EVANZOAS)
6	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	213.246.57.128 213.246.57.128	21409 (IKOULA) (IKOULA)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8 12	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	62.210.16.61 62.210.16.61	12876 (Online SAS) (Online SAS)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
69	21

21 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mariacourse.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital

www.zeitverschiebung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3034::6815:15de (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.246.57.128 (France)

ASN21409 (IKOULA, FR)
PTR: www.allosponsor.com

www.allosponsor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3038::6815:ea1a (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:449a (United States)

ASN13335 (CLOUDFLARENET, US)

www.mega-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.210.16.61 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: pf-lb-1.online.net

www.toutimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	blogspot.com mariacourse.blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 12837 1.bp.blogspot.com — Cisco Umbrella Rank: 9765 3.bp.blogspot.com — Cisco Umbrella Rank: 12414 4.bp.blogspot.com — Cisco Umbrella Rank: 12431	744 KB
12	root-top.com 8 redirects img.root-top.com	37 KB
6	pronostic-facile.fr www.pronostic-facile.fr	10 KB
5	toutimages.com www.toutimages.com	10 KB
5	allosponsor.com www.allosponsor.com	5 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 ajax.googleapis.com — Cisco Umbrella Rank: 307 translate.googleapis.com — Cisco Umbrella Rank: 1212	115 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 8410	92 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	59 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	119 KB
2	mega-turf.fr www.mega-turf.fr	50 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1325	10 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 15196 lh3.googleusercontent.com — Cisco Umbrella Rank: 143	78 KB
1	google.com translate.google.com — Cisco Umbrella Rank: 1433	27 KB
1	zeitverschiebung.net www.zeitverschiebung.net — Cisco Umbrella Rank: 213592	2 KB
1	allopass.com payment.allopass.com	3 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 15941	542 B
69	17

	Domain	Requested by
12	img.root-top.com	8 redirects mariacourse.blogspot.com
9	1.bp.blogspot.com	mariacourse.blogspot.com
6	www.pronostic-facile.fr	mariacourse.blogspot.com www.pronostic-facile.fr static.cloudflareinsights.com
5	www.toutimages.com	mariacourse.blogspot.com www.toutimages.com
5	3.bp.blogspot.com	mariacourse.blogspot.com
5	www.allosponsor.com	mariacourse.blogspot.com www.allosponsor.com
4	www.blogger.com	mariacourse.blogspot.com
3	www.gstatic.com	mariacourse.blogspot.com translate.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	www.zeitverschiebung.net www.pronostic-facile.fr
3	2.bp.blogspot.com	mariacourse.blogspot.com
2	translate.googleapis.com
2	www.mega-turf.fr	mariacourse.blogspot.com
2	4.bp.blogspot.com	mariacourse.blogspot.com
2	static.cloudflareinsights.com	www.pronostic-facile.fr
2	mariacourse.blogspot.com	mariacourse.blogspot.com
1	lh3.googleusercontent.com	mariacourse.blogspot.com
1	translate.google.com	mariacourse.blogspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	www.zeitverschiebung.net
1	fonts.googleapis.com	www.zeitverschiebung.net
1	www.zeitverschiebung.net	mariacourse.blogspot.com
1	payment.allopass.com	mariacourse.blogspot.com
1	resources.blogblog.com	mariacourse.blogspot.com
1	blogger.googleusercontent.com	mariacourse.blogspot.com
69	25

This site contains links to these domains. Also see Links.

Domain
www.zeitverschiebung.net
www.allosponsor.com
www.root-top.com
chevalcourse.wixsite.com
www.blogger.com
turfologie.fr.gd
jeupmu.wixsite.com
fortunepmu.fr.gd
translate.google.com
turfpmu.fr.gd
elvyturf.blogspot.com
www.triotierce.fr.gd
www.basecouple.fr.gd
www.franckyturf.fr.gd
www.jeugagnant.fr.gd
www.supportduweb.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.allopass.com Gandi Standard SSL CA 2	`2021-10-08` - `2022-10-08`	a year	crt.sh
zeitverschiebung.net R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
www.allosponsor.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-06` - `2022-07-06`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
toutimages.com R3	`2022-04-27` - `2022-07-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://mariacourse.blogspot.com/?m=1
Frame ID: F9E2D5F451A18C10EBAF88EB4F6DAB4D
Requests: 49 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis
Frame ID: 170C382FEEF78CAD7CA37A2C7F7737AB
Requests: 6 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/mariacourse/quinte_result/all
Frame ID: FA6B773153D6BDA0FA5AB378D365F4AE
Requests: 5 HTTP requests in this frame

Frame: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&type=3&affc=1&s=1
Frame ID: E3C142BA25DF37A7806FB330C4234F02
Requests: 1 HTTP requests in this frame

Frame: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&affc=1&s=1
Frame ID: FE79333813DE96C170AFFB6ABCACBCDF
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Frame ID: CCF655863BC716AB64F08085BA0C5C18
Requests: 5 HTTP requests in this frame

Frame: https://www.toutimages.com/calendriers/calendrier_004.htm
Frame ID: 8AEFAD16CE4080FA165CCEC5953A98BB
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: E2D48BCCACFFD42B965C8F3EBA7E81E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MARIACOURSE

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

88 %
HTTPS

79 %
IPv6

17
Domains

25
Subdomains

21
IPs

3
Countries

1383 kB
Transfer

2488 kB
Size

0
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zeitverschiebung.net/fr/timezone/europe--paris
Title: Heure actuelleEurope/Paris

Search URL Search Domain Scan URL

URL: https://www.allosponsor.com/
Title: AlloSponsor.com

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/sitespmu/in.php?ID=14

Search URL Search Domain Scan URL

URL: https://chevalcourse.wixsite.com/chevalcourse

Search URL Search Domain Scan URL

URL: https://www.blogger.com/

Search URL Search Domain Scan URL

URL: https://turfologie.fr.gd/

Search URL Search Domain Scan URL

URL: https://jeupmu.wixsite.com/pmufr

Search URL Search Domain Scan URL

URL: https://fortunepmu.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=839

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfbase/in.php?ID=693

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1292

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/tofturf/in.php?ID=1181

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://turfpmu.fr.gd/

Search URL Search Domain Scan URL

URL: https://elvyturf.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/starquinte/in.php?ID=160

Search URL Search Domain Scan URL

URL: http://www.triotierce.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.basecouple.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.franckyturf.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.jeugagnant.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/genycoursegagnant/in.php?ID=29

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=1306

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topturfjs/in.php?ID=2147

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baseprono/in.php?ID=472

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/quinte/in.php?ID=529

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/canalinfo/in.php?ID=221

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/andreturf/in.php?ID=497

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/les2tocards2021/in.php?ID=12

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lesetoilesduturf/in.php?ID=432

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topdesparieurs/in.php?ID=11

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuturf/in.php?ID=577

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/guideturf/in.php?ID=504

Search URL Search Domain Scan URL

URL: http://www.supportduweb.com/compteur-global-gratuit-sans-inscription-live-pages-vues-visites.html

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://img.root-top.com/topsite/turfoscope/banner.gif HTTP 302
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Request Chain 33

https://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 302
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Request Chain 34

https://img.root-top.com/topsite/tofturf/banner.gif HTTP 302
https://1.bp.blogspot.com/-ErrN1fyEVII/YUYb8fjqzsI/AAAAAAAAIL8/__BBHyIjNQM50jfIdNvkMH7n9wU-0a8OACLcBGAsYHQ/s0/tofturf.gif

Request Chain 45

https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

Request Chain 46

https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Request Chain 47

https://img.root-top.com/topsite/baseprono/banner.gif HTTP 302
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Request Chain 48

https://img.root-top.com/topsite/quinte/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

Request Chain 51

https://img.root-top.com/topsite/pmuturf/banner.gif HTTP 302
https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

69 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mariacourse.blogspot.com/ 435 KB
268 KB 408ms
332ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c06e44cceaa172a48dc58b0e8249c031648c30f4117f7714d80d9cbe6e760630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 274190
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 17:21:49 GMT
etag: W/"753bb41a9a9f7ccc1ea597feb154696b4b00dee35a9629fcde8dcc4d7ea3e06f"
expires: Mon, 04 Jul 2022 17:21:49 GMT
last-modified: Sun, 03 Jul 2022 21:28:17 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 87ms
19ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 11:33:29 GMT
x-content-type-options: nosniff
age: 193701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35960
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:55:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 02 Jul 2023 11:33:29 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 160ms
114ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3052082486833360568&zx=bbfdf93f-574a-4ceb-89c5-28ac519878db

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 17:21:50 GMT
server: GSE
date: Mon, 04 Jul 2022 17:21:50 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVvXsEhQ85yzxBWF2igY9R3MNnNINRtRKS970SIbyYnC6E2OZShLgnWbT-bH1Y6ouhXRTYjkIDfajgv1Y1avvDbifc51IBxOlkcwiDBXvWB9KVss2cB7fJG7PDS4zKXJImIODFID-B_5eFOIBQH_xoE_527I2AnMQB9lRfRc_jhGPibHjMw-BQItpui4zSqEnA=s1080
blogger.googleusercontent.com/img/a/ 78 KB
78 KB 468ms
406ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhQ85yzxBWF2igY9R3MNnNINRtRKS970SIbyYnC6E2OZShLgnWbT-bH1Y6ouhXRTYjkIDfajgv1Y1avvDbifc51IBxOlkcwiDBXvWB9KVss2cB7fJG7PDS4zKXJImIODFID-B_5eFOIBQH_xoE_527I2AnMQB9lRfRc_jhGPibHjMw-BQItpui4zSqEnA=s1080

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62db5c5684a840765e094a7b2ac0965de379616f2717aa824ab6d00dcbac16e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v345"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LOGO MARIACOURSE 21.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79378
x-xss-protection: 0
expires: Tue, 05 Jul 2022 17:21:50 GMT

GET
H2 200 Mariaturf.jpg
2.bp.blogspot.com/-tfki1dqCRjA/YBc4divSplI/AAAAAAAAAjo/j4eOCPGf46gTG_QSDnxQSaJ-wK1of94sQCK4BGAYYCw/w1600/ 83 KB
83 KB 184ms
183ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-tfki1dqCRjA/YBc4divSplI/AAAAAAAAAjo/j4eOCPGf46gTG_QSDnxQSaJ-wK1of94sQCK4BGAYYCw/w1600/Mariaturf.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22000ce511e8cb51e1e165de72d2c7ba0319d422daaaec5302d5fa8850eab605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Mariaturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85276
x-xss-protection: 0
server: fife
etag: "v23d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Jul 2022 08:47:45 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
542 B 21ms
21ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:13:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 04:51:38 GMT
server: sffe
age: 598089
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 04 Jul 2022 19:13:41 GMT

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94f530ef15ed040a11efe301ac983221efa13f676ac6967d9e64d806a666365

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK creditcard.gif
payment.allopass.com/images/common/logos/large/ 3 KB
3 KB 312ms
30ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/images/common/logos/large/creditcard.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: de7a53bd6dd86a48393788feb7c5bd0940346d7641c5bf83a7ac740745332bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:50 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "20696-cab-5d0e804cbabc0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 3243

GET
H2 200 clock-widget-iframe-v2 Show response
www.zeitverschiebung.net/ Frame 170C 5 KB
2 KB 75ms
22ms Document
text/html 178.254.1.54
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

hello-world.digital

Software

nginx / PHP/7.3.33 PleskLin

Resource Hash

3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1908
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 17:21:50 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-cache-status: BYPASS
x-powered-by: PHP/7.3.33 PleskLin

GET
H2 200 quinte_result Show response
www.pronostic-facile.fr/widget/mariacourse/script/ 254 B
912 B 99ms
46ms Script
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/mariacourse/script/quinte_result
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6097426a48c1454fcb02acae3dc63e13a5e885ee8dd96cebcd790a273ad88fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime: 1
date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR8Pf4qMixyZLK6okOMplK%2FHrOp1ATtBz5wLSzCik5TAN47IS0l8s5aSTF5rfsEPVJclMMj8s8OUyodR9zy46XmPXybUtV0l5kPwCsa7Bo5uQ2aTUu7orrP9YcTX7GgN3TMIgmP2Mymb5rwAkmeKbFoNkMKRYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 72598a210e129143-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ 7 KB
2 KB 272ms
64ms Script
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&type=3&popinto=1&s=1
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 84f3c357dbe9dba48cb4d669762446b97966544ba3b469bcac7ce7d06657705b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:48 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100

GET
H2 200 1.gif
1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/ 12 KB
12 KB 37ms
36ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/1.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11928
x-xss-protection: 0
server: fife
etag: "v7b"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H2 200 2.jpg
1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/ 7 KB
7 KB 184ms
183ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/2.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: fife
etag: "v7b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Jun 2022 20:02:32 GMT

GET
H2 200 3-Turfologie.jpg
3.bp.blogspot.com/-zwjuKdNa14s/WePvg3gSBwI/AAAAAAAAAH8/ES_tMDYbmLApyDXZo_3gPkl_lQz_C5IngCLcBGAs/s1600/ 7 KB
8 KB 65ms
63ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-zwjuKdNa14s/WePvg3gSBwI/AAAAAAAAAH8/ES_tMDYbmLApyDXZo_3gPkl_lQz_C5IngCLcBGAs/s1600/3-Turfologie.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b85d577c9372317faa6365a789a52e6217c407d61e1c637ecb088e7b075e39ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="3-Turfologie.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7655
x-xss-protection: 0
server: fife
etag: "v80"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H2 200 4-Jeupmu.jpg
2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/ 3 KB
3 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/4-Jeupmu.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="4-Jeupmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2672
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:58 GMT

GET
H2 200 7-Fortunepmu.jpg
3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/ 7 KB
7 KB 195ms
194ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/7-Fortunepmu.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="7-Fortunepmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7373
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 116ms
115ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3052082486833360568&zx=bbfdf93f-574a-4ceb-89c5-28ac519878db

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 17:21:50 GMT
server: GSE
date: Mon, 04 Jul 2022 17:21:50 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 170C 3 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 16:15:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 17:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 17:21:50 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 170C 95 KB
34 KB 91ms
20ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 17:14:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 170C 103 KB
40 KB 74ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=small&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425ed6f782d2190b8796537d949e142a01b4b7ddc867faf3feb7b394cfd4b654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 17:21:50 GMT

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/mariacourse/quinte_result/ Frame FA6B 9 KB
4 KB 87ms
63ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/mariacourse/quinte_result/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/mariacourse/script/quinte_result
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84111b6a7444f69e140d67040a1069f96b2b27be579ae48444e0497a714daf75

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72598a218b7e91f0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 17:21:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6MwY9E2jskRYVN4PdVCDAFAMiWh0LKZDljKq4RgxzQNAqB119Xl6C9L1ASZh5uvLYohXdCs68NAOVrBumo2TkzVTZWu6ILQMewdZp68%2FXSpmL%2F2ZwEpoZJuimOkKECsgS4BIzXGpihc3BVLgusKTK7RkfemSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FA6B 103 KB
39 KB 67ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/mariacourse/quinte_result/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9b664f36666deb0ec1b6e9d5924d0f39dac28d5569d754b39523ecbef641d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40353
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 17:21:50 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame FA6B 14 KB
5 KB 102ms
53ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/mariacourse/quinte_result/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 72598a224c849a1b-FRA

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 170C 16 KB
17 KB 65ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zeitverschiebung.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 19477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:57:13 GMT

GET
H/1.1 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ Frame E3C1 1 KB
1003 B 30ms
29ms Document
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&type=3&affc=1&s=1
Requested by: Host: www.allosponsor.com
URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&type=3&popinto=1&s=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 69464faaad2db72115ab5ffb8015bd88ac197e6f5271101430fe5eec70b47b91

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 04 Jul 2022 17:21:48 GMT
Keep-Alive: timeout=15, max=99
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK iframe_sponsor.eur Show response
www.allosponsor.com/cgi-bin/ Frame FE79 1 KB
943 B 59ms
29ms Document
text/html 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&affc=1&s=1
Requested by: Host: www.allosponsor.com
URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88326&type=3&popinto=1&s=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 82faff14ccb8bfeda690798afffd594473f9559bac5dc03e01012ec379c2cd70

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 04 Jul 2022 17:21:49 GMT
Keep-Alive: timeout=15, max=98
Server: Apache/2.2.22 (Debian)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK transp.gif
www.allosponsor.com/images/ 49 B
339 B 88ms
28ms Image
image/gif 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allosponsor.com/images/transp.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:49 GMT
Last-Modified: Thu, 18 Dec 2008 10:28:48 GMT
Server: Apache/2.2.22 (Debian)
ETag: "3803d3-31-45e4fa86d3800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 49

GET
H/1.1 200
OK closeb.gif
www.allosponsor.com/images/ 706 B
998 B 117ms
29ms Image
image/gif 213.246.57.128
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allosponsor.com/images/closeb.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:49 GMT
Last-Modified: Sat, 20 Dec 2008 14:28:55 GMT
Server: Apache/2.2.22 (Debian)
ETag: "380380-2c2-45e7b3ed557c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 706

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 170C 49 KB
20 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1021
date: Mon, 04 Jul 2022 17:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 19:04:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FA6B 49 KB
20 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1021
date: Mon, 04 Jul 2022 17:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 19:04:49 GMT

POST
H3 200 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame FA6B 0
172 B 22ms
22ms XHR
text/plain 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/mariacourse/quinte_result/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.pronostic-facile.fr
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 72598a22de5891f0-FRA
vary: Origin

GET
DATA 200
OK truncated
/ 233 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3

200

turfoscope.gif
1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/turfoscope/banner.gif
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

86 KB
86 KB

20ms
19ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:28 GMT
x-content-type-options: nosniff
age: 4163
content-disposition: inline;filename="turfoscope.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87766
x-xss-protection: 0
server: fife
etag: "v20cf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Jun 2022 16:11:54 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2GZH%2FJbbb18Xyku4kvk0j80GxSCzg23qhV02%2BXgAGFzQ02i5k%2Bo2tOyWz7UZRFlAM3fcnEWEtpYlHgkhyrEu78hTGoonU6asbgeeQo11IGUQ7e70a0JDpWNL2%2FSMu6sVqpVo%2BADqqjV%2F9tKCJXP"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif
cf-ray: 72598a24fcd76946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/turfbase/ 12 KB
13 KB 91ms
34ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfbase/banner.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322d9114aeb6e5e16d1c97bdb25fb167c267b6bab9722a8d2f6574be71641b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12565
last-modified: Fri, 01 Jul 2022 19:20:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5AlCVqEjVqTGI7j8NIW66cCyBHj07ihgHhOuu8MZyRRiJo8hwf6shzTSfJU6YY5EHksJUYlZnXYf3RF1wpo9ThCqCo10VK1xmg6hc6vfJNw83spS5UBsqNPk%2B2%2B64g%2FKhnWuusUF5YDvh%2B6UZTC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72598a24fcd96946-FRA
expires: Mon, 04 Jul 2022 19:20:48 GMT

GET
H3

200

jmpep80top.gif
1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/jmpep80top/banner.gif
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

45 KB
45 KB

19ms
19ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:49:43 GMT
x-content-type-options: nosniff
age: 12727
content-disposition: inline;filename="jmpep80top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46098
x-xss-protection: 0
server: fife
etag: "v20cb"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 23:42:16 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm2DUgTOeOxKPM7DbSlKfltfp1Z1DpvydACNOttrHUsoRKCn0UTWoIsgCmhjrLQgmyF7SE9ZIr%2BsFGbNybV7JUOCZyuYZjUUVewQR5XtqBT4iC66mMa0j%2F51z52QwL0zWlnsJ2xG5NLg6EYa7s1f"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif
cf-ray: 72598a24fcdb6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

tofturf.gif
1.bp.blogspot.com/-ErrN1fyEVII/YUYb8fjqzsI/AAAAAAAAIL8/__BBHyIjNQM50jfIdNvkMH7n9wU-0a8OACLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/tofturf/banner.gif
https://1.bp.blogspot.com/-ErrN1fyEVII/YUYb8fjqzsI/AAAAAAAAIL8/__BBHyIjNQM50jfIdNvkMH7n9wU-0a8OACLcBGAsYHQ/s0/tofturf.gif

12 KB
12 KB

29ms
29ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ErrN1fyEVII/YUYb8fjqzsI/AAAAAAAAIL8/__BBHyIjNQM50jfIdNvkMH7n9wU-0a8OACLcBGAsYHQ/s0/tofturf.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf41baab666d1ac534580048396a59674783343c2bdf6a659a9d1c453eeffc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 15:23:32 GMT
x-content-type-options: nosniff
age: 7099
content-disposition: inline;filename="tofturf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11821
x-xss-protection: 0
server: fife
etag: "v20c0"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:11:49 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B1KNGuNXHJa4ilenPPNu6tzdzgIPUmIQjutxFgH%2BAvtSRYmckP7Hkd8KFTN5EXDQg1lLd4IDeYLxaKZ0CG%2BR4%2BPhsqNhRDk%2BdsntsGzIk4B63tjoPcSomla5VoclRkZTqU1zNjK1EedIZdjzWm1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-ErrN1fyEVII/YUYb8fjqzsI/AAAAAAAAIL8/__BBHyIjNQM50jfIdNvkMH7n9wU-0a8OACLcBGAsYHQ/s0/tofturf.gif
cf-ray: 72598a24fcdd6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 97ms
35ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c92af21927248f31dc602193dc3c79e85b17075bf26c3028b65fdaacf05ed7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 quinte_runners Show response
www.pronostic-facile.fr/widget/partner/script/ 251 B
870 B 36ms
35ms Script
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime: 1
date: Mon, 04 Jul 2022 17:21:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBA23NdRbx2O7Uqb5tsWGcvm4GNPILakBSx1xY%2FEisEW5v59IJs6%2BO%2FS9PmI7BCoJVUMcFHUVUipx3YFWwxpzdWqYJSoL9Fl7UH%2FM2o%2BwSyPd8w4iae%2B%2BUWGC9lKt%2BVTi0tO%2B0YHF%2Bx6y4h5VdEZfdtbbCabGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 72598a24a9fc91f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Mariaturf.jpg
1.bp.blogspot.com/-Yn3-UKQB2S4/YBW-ctk3CII/AAAAAAAAAiI/DuGk2QYuLyw9iHZ52z2aaPzLc4QMNM0EACK4BGAYYCw/s1600/ 83 KB
83 KB 85ms
34ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Yn3-UKQB2S4/YBW-ctk3CII/AAAAAAAAAiI/DuGk2QYuLyw9iHZ52z2aaPzLc4QMNM0EACK4BGAYYCw/s1600/Mariaturf.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22000ce511e8cb51e1e165de72d2c7ba0319d422daaaec5302d5fa8850eab605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Mariaturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85276
x-xss-protection: 0
server: fife
etag: "v223"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H3 200 6-Turfpmu.jpg
2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/ 3 KB
3 KB 83ms
32ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/6-Turfpmu.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="6-Turfpmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H2 200 5-Elvyturf.jpg
4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/ 4 KB
4 KB 40ms
34ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/5-Elvyturf.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="5-Elvyturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3846
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Jun 2022 13:03:31 GMT

GET
H3 200 8-Triotierce.jpg
3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/ 3 KB
3 KB 95ms
44ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/8-Triotierce.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="8-Triotierce.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3489
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Jul 2022 15:55:26 GMT

GET
H3 200 10-Basecouple.jpg
3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/ 3 KB
3 KB 215ms
165ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/10-Basecouple.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="10-Basecouple.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2914
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Jul 2022 00:15:59 GMT

GET
H3 200 11-Franckyturf.jpg
1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/ 3 KB
3 KB 96ms
46ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/11-Franckyturf.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="11-Franckyturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3154
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Jun 2022 20:02:33 GMT

GET
H3 200 9-Jeugagnant.jpg
1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/ 3 KB
3 KB 287ms
237ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/9-Jeugagnant.jpg

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="9-Jeugagnant.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3360
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Jul 2022 08:47:46 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/genycoursegagnant/ 3 KB
3 KB 77ms
27ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/genycoursegagnant/banner.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29155cf84ba51c7db8fdfbf235524eb8f37db2d4ccd281b843f5f0f865ae8c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153222
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2955
last-modified: Sat, 02 Jul 2022 22:48:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYh77%2B9xgCzkINw%2BL9SV%2BEO3nwPI8l2dWTc4VkJ3TVhSsyJcp%2By6y2va1k0zOBVLTSU5OOev3kGUcEWvKx4oYzzx0lgvQdHgPXdLv2n43VlPxgC4duGOftri7nIZz9%2BNvR%2FmUTPQYS6BXUiVPR0X"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72598a24fcdf6946-FRA
expires: Tue, 05 Jul 2022 22:48:08 GMT

GET
H2

200

5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain

https://img.root-top.com/topsite/megaturf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

27 KB
28 KB

93ms
27ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10895903
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27601
last-modified: Sun, 25 Jun 2017 11:18:37 GMT
server: cloudflare
etag: "594f9c0d-6bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZG4HwY1aztzlp%2B0jqAk8Iv5E%2BsdzGNO0mgGCZS6SNJY0UeK2T6L7%2FPTJoEkzJ1vAjFSP4o02sUvA3JbfveOP2i2aVZoZjFmN53DIWPbcuyM%2Ba%2FsizGwM7MvgmmYY8Q4IOammgH0YPmAkb6phjah"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72598a263ef29b69-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV3z%2FmO%2BAPiT4OIOsSHH4iR5VmDHaZBqijAjPpfj2eDo7Ss0L67ujYGrbxdbil5OIKYyXonvk%2FQ4D0vWKaLaKUcFCJ%2FIYYod1NJYxV3oyoYurIBVSAdQmwytau5oMwKcpe6D8q1zlb24g%2BbV%2FfR0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray: 72598a24fce06946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain

https://img.root-top.com/topsite/topturfjs/banner.gif
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

21 KB
21 KB

23ms
23ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:49:39 GMT
x-content-type-options: nosniff
age: 9131
content-disposition: inline;filename="TOPSITE0.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21771
x-xss-protection: 0
server: fife
etag: "v122d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 25 Apr 2022 01:22:06 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hY9tOz5q4MjYX37qld50n199rVqAvJbOET5y08on%2BgZSW5707U9XkxiKYXBLPcSmXuR1xh9P9Tays%2BDZq662F1JJy%2Bj%2B%2BWi1%2FuKCmNPBeC%2BFPGXvOKmuPuzEHzYKUTnnBhPqwknWJIIfivM5HzZu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray: 72598a251cf86946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

baseprono.gif
1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/baseprono/banner.gif
https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

76 KB
76 KB

21ms
21ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:28 GMT
x-content-type-options: nosniff
age: 4163
content-disposition: inline;filename="baseprono.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77950
x-xss-protection: 0
server: fife
etag: "v20bc"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 May 2022 02:31:04 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alcOg5rJYTz%2B7QeEvS%2FPsvonB0vRWxzMQBPgdtbNa7sIQ5fDUV1Q2xGqaIqZ1h8yJOivDs7g4X0Y6YJrjPO2%2B%2Flq%2FwtOv9HyxxLU0F7s4sEsSFY%2BZGB%2Bfp%2BBVySvdT%2FXrGmW150jgryxGrx90AlQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-NTkxiCC0ock/YUSASkfe6eI/AAAAAAAAILs/u6-lqKQ-ILoY_pJGdvsmsEsB1kM62RnQwCLcBGAsYHQ/s0/baseprono.gif
cf-ray: 72598a251cf96946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

top10.gif
www.mega-turf.fr/wp-content/uploads/2017/11/
Redirect Chain

https://img.root-top.com/topsite/quinte/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

22 KB
22 KB

69ms
32ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1475248
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22328
last-modified: Thu, 23 Nov 2017 09:08:40 GMT
server: cloudflare
etag: "5a169018-5738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K9sNukP%2B6dDokjnfpo4v4XMxUMJ0nMeVZPntBCsZcH%2BsEn3GBExTemLENv3krGO3Gc2GjTx5hqgr4i5QTFQNLasi3FZC6XNAC60cuP2SfbFb%2BX5LM0WMjIutwnsewnEkQEiD2vUF3e4DVk412s%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72598a263ef69b69-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6022P%2BGcrlU5seMyrP5YiYID3NDE9xgHz03xo08YcLgNkT%2Ff5yLcVJ1CqluXb8xF8r0CVYWPtrinJkVWlXhj2PBLrXtI4KSqyZGCNeel6DEGCWvNEnCTDjkxy%2BbD15nPpyEHQG3b1oO9M0XhkggF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
cf-ray: 72598a251cfa6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK calendrier_004.js Show response
www.toutimages.com/calendriers/ 349 B
544 B 214ms
32ms Script
application/javascript 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.toutimages.com/calendriers/calendrier_004.js
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: d77fe08a5ebda14e08236bfd74280c2f14f664857a64a5f8ec0810bbf6b64711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Oct 2017 07:39:25 GMT
server: nginx
ETag: "15d-55c96812f45b2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H2 200 banner.gif
img.root-top.com/topsite/lesetoilesduturf/ 11 KB
12 KB 32ms
31ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/lesetoilesduturf/banner.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760354dc2a850ec262978de770c7eb5a1c879dc7ddb9c8f3f5e4ea092b0ccdde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11474
last-modified: Sat, 02 Jul 2022 12:10:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqDUdSq53uLcteEdWzsjXqk5HhdV1NM6gZakDlPLQq2UjUKtRespkbWXi7WXvSTesX6kmHg6JMtTU86dvwwo4AVWgLgl1dL%2FyK2%2FuSWrwdo1kyy%2BVWH%2BIn%2FumqRa%2FJNSJKYaEaXrLJvR%2Fb%2FVvHKr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72598a251cfd6946-FRA
expires: Tue, 05 Jul 2022 12:10:54 GMT

GET
H3

200

pmuturf_logo_root-top.gif
3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/
Redirect Chain

https://img.root-top.com/topsite/pmuturf/banner.gif
https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

11 KB
12 KB

21ms
21ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f319b9db9c7224703100306c2f048d7d1f75476f4184fc6a6083abc721270bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:51:06 GMT
x-content-type-options: nosniff
age: 1845
content-disposition: inline;filename="pmuturf_logo_root-top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11769
x-xss-protection: 0
server: fife
etag: "v1abe"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Apr 2022 17:25:24 GMT

Redirect headers

date: Mon, 04 Jul 2022 17:21:51 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZC7nliflg50dSO1k0POxpDA%2Bjpq2IpnsIDs7CGHlTKYkCMu%2BY%2BksH25faJ61sn8eltymbdkuySHEoH6pGnfYunAsLoq1BWKdPGnND%2BSeXYMcOepiaOyX75bpcRe%2FFIysBkiPa%2FXgrQGYxo8ILuk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://3.bp.blogspot.com/-tdAhVW5JPC8/XmDqr1pUDpI/AAAAAAAAGr0/9FZAGSUkQaMXRRUthAJ8NcLYQt0qJXhtACLcBGAsYHQ/s1600/pmuturf_logo_root-top.gif
cf-ray: 72598a251cfe6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/guideturf/ 6 KB
6 KB 28ms
28ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/guideturf/banner.gif
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a800064c3ae8f8086e1bff058ab3b73dbb80079845b9264e37cae4c95651a691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119848
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6266
last-modified: Sun, 03 Jul 2022 08:04:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ticN2JwtbmRtD%2FfR6HD2tmzquu%2BB8LejYKmWdufBs%2Fvxw7NKTUJQcGiDd9eUZ8yohL4GNXNv1uiQkf%2FFgz8rGr12uhu6InvlJF%2FozjYxVELNiYbwQftqXMLRakWskDUU44Q1DMc81xL1NzYGpUbm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72598a251cff6946-FRA
expires: Wed, 06 Jul 2022 08:04:22 GMT

GET
H3 404 ABLy4EzRfXPt1T2ysx3NeJF3RxnFnQ4TZFtEshmppDQWrZpFr_wCOX80ttII0bO_VOUajyKAC3z97zX8yMpPxcuRRSzu4fkp08sZcheFHaDsJOlX0naF-4BiZ04n9VtFtg=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 102ms
54ms Image
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzRfXPt1T2ysx3NeJF3RxnFnQ4TZFtEshmppDQWrZpFr_wCOX80ttII0bO_VOUajyKAC3z97zX8yMpPxcuRRSzu4fkp08sZcheFHaDsJOlX0naF-4BiZ04n9VtFtg=s0-d
Requested by: Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 cookienotice.js Show response
mariacourse.blogspot.com/js/ 6 KB
2 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mariacourse.blogspot.com/js/cookienotice.js

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 06:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 11 Jul 2022 08:47:46 GMT

GET
H3 200 1997315711-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1997315711-widgets.js

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57161
x-xss-protection: 0
last-modified: Sun, 03 Jul 2022 11:51:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 04 Jul 2023 04:59:08 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 79ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Kh3sNmA0N_E.O/d=1/rs=AN8SPfqbqRNDH_BH2PSmBbjwE-EIZTH2Vg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 04 Jul 2022 18:15:40 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Kh3sNmA0N_E.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoUf3fAyzoeoqgrOV4WGnFuxmTM5A/ 224 KB
76 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Kh3sNmA0N_E.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoUf3fAyzoeoqgrOV4WGnFuxmTM5A/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Kh3sNmA0N_E.O/d=1/rs=AN8SPfqbqRNDH_BH2PSmBbjwE-EIZTH2Vg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 12:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78029
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:13:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 12:56:53 GMT

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/partner/quinte_runners/ Frame CCF6 9 KB
4 KB 39ms
39ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43fd238fa0a723beb0fa97c356e2301662eb41239e5ee8284c0ab9607aff7576

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72598a256b1e91f0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 17:21:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6WzxRLh5Ty0agLtZg%2BOWMcaxnRiV0z1rgxOZ4kQnQN%2BpM%2BOgr4nvdrlxqM1dKMBgsIFHsD8%2B9RyRnH816pe378mjj7DWrHk75MMbmuiqJoQRU1O3vXGLfzIgWOHBTRxPIfwX1PFWyUI6K92CRB1XlREbS9GjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CCF6 103 KB
39 KB 67ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82008cfe491755caad113047cd6853688d242b985eefff9be973cace62655e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40354
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 17:21:51 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame CCF6 14 KB
5 KB 60ms
59ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 72598a25b9679a1b-FRA

GET
H/1.1 200
OK calendrier_004.htm Show response
www.toutimages.com/calendriers/ Frame 8AEF 6 KB
2 KB 54ms
53ms Document
text/html 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.toutimages.com/calendriers/calendrier_004.htm
Requested by: Host: www.toutimages.com
URL: https://www.toutimages.com/calendriers/calendrier_004.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: 226d4909374b443318b01ed33a3614847c2950d64d4b29174b26a19259e9c712

Request headers

Referer: https://mariacourse.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2251
Content-Type: text/html
Date: Mon, 04 Jul 2022 17:21:51 GMT
ETag: "198a-5268e43f4d7e5-gzip"
Last-Modified: Thu, 10 Dec 2015 17:09:10 GMT
Vary: Accept-Encoding
server: nginx

GET
DATA 200
OK truncated Show response
/ Frame E2D4 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 68ms
21ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:53:15 GMT
x-content-type-options: nosniff
age: 1716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 16:53:15 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1023 B 71ms
24ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: mariacourse.blogspot.com
URL: https://mariacourse.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mariacourse.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:20 GMT
x-content-type-options: nosniff
age: 32191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 08:25:20 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 64ms
25ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:17:06 GMT
x-content-type-options: nosniff
age: 285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 17:17:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CCF6 49 KB
20 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1022
date: Mon, 04 Jul 2022 17:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 19:04:49 GMT

POST
H3 200 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame CCF6 0
172 B 21ms
21ms XHR
text/plain 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Mon, 04 Jul 2022 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.pronostic-facile.fr
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 72598a26bd2591f0-FRA
vary: Origin

GET
H/1.1 200
OK cadre_3.gif
www.toutimages.com/calendriers/ Frame 8AEF 1 KB
2 KB 32ms
32ms Image
image/gif 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.toutimages.com/calendriers/cadre_3.gif
Requested by: Host: www.toutimages.com
URL: https://www.toutimages.com/calendriers/calendrier_004.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: 159f2fafcf6c8bb3725939bd7437cc347570247bfe628d81c1bde873cb6f079e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.toutimages.com/calendriers/calendrier_004.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:51 GMT
Last-Modified: Mon, 04 Aug 2014 09:57:16 GMT
server: nginx
ETag: "575-4ffcac38b3700"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1397

GET
H/1.1 200
OK pecheur.jpg
www.toutimages.com/calendriers/ Frame 8AEF 4 KB
4 KB 69ms
36ms Image
image/jpeg 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.toutimages.com/calendriers/pecheur.jpg
Requested by: Host: www.toutimages.com
URL: https://www.toutimages.com/calendriers/calendrier_004.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: d4354b8fe7d354dccf3e20d902763fa16dead47be0adc246be032cec7d4afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.toutimages.com/calendriers/calendrier_004.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:51 GMT
Last-Modified: Mon, 04 Aug 2014 09:57:32 GMT
server: nginx
ETag: "e06-4ffcac47f5b00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3590

GET
H/1.1 200
OK fond_pecheur.jpg
www.toutimages.com/calendriers/ Frame 8AEF 986 B
1 KB 107ms
38ms Image
image/jpeg 62.210.16.61
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.toutimages.com/calendriers/fond_pecheur.jpg
Requested by: Host: www.toutimages.com
URL: https://www.toutimages.com/calendriers/calendrier_004.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.16.61 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-1.online.net
Software: nginx /
Resource Hash: 0e7dac525722015ab92fad50dc618e8d54cf5c829ba2c81b65321a41c538b677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.toutimages.com/calendriers/calendrier_004.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 17:21:51 GMT
Last-Modified: Mon, 04 Aug 2014 09:57:31 GMT
server: nginx
ETag: "3da-4ffcac47018c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 986

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzRfXPt1T2ysx3NeJF3RxnFnQ4TZFtEshmppDQWrZpFr_wCOX80ttII0bO_VOUajyKAC3z97zX8yMpPxcuRRSzu4fkp08sZcheFHaDsJOlX0naF-4BiZ04n9VtFtg=s0-d Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
img.root-top.com
lh3.googleusercontent.com
mariacourse.blogspot.com
payment.allopass.com
resources.blogblog.com
static.cloudflareinsights.com
translate.google.com
translate.googleapis.com
www.allosponsor.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.mega-turf.fr
www.pronostic-facile.fr
www.toutimages.com
www.zeitverschiebung.net
178.254.1.54
185.119.26.1
213.246.57.128
2606:4700:3034::6815:15de
2606:4700:3035::6815:449a
2606:4700:3038::6815:ea1a
2606:4700:440e::ac40:9c1a
2a00:1450:4001:803::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:829::2009
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
62.210.16.61
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0e7dac525722015ab92fad50dc618e8d54cf5c829ba2c81b65321a41c538b677
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
159f2fafcf6c8bb3725939bd7437cc347570247bfe628d81c1bde873cb6f079e
18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed
1c92af21927248f31dc602193dc3c79e85b17075bf26c3028b65fdaacf05ed7f
22000ce511e8cb51e1e165de72d2c7ba0319d422daaaec5302d5fa8850eab605
226d4909374b443318b01ed33a3614847c2950d64d4b29174b26a19259e9c712
2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
322d9114aeb6e5e16d1c97bdb25fb167c267b6bab9722a8d2f6574be71641b4b
3af688bc9ebd9167247b28accef5472166cfeaae0c49a5b7dd4d50c7a9bbc565
425ed6f782d2190b8796537d949e142a01b4b7ddc867faf3feb7b394cfd4b654
43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5
43fd238fa0a723beb0fa97c356e2301662eb41239e5ee8284c0ab9607aff7576
468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
6097426a48c1454fcb02acae3dc63e13a5e885ee8dd96cebcd790a273ad88fbb
62db5c5684a840765e094a7b2ac0965de379616f2717aa824ab6d00dcbac16e2
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
69464faaad2db72115ab5ffb8015bd88ac197e6f5271101430fe5eec70b47b91
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
760354dc2a850ec262978de770c7eb5a1c879dc7ddb9c8f3f5e4ea092b0ccdde
7ee1402f97fc6f57f2e75288863c86a3f2896eed50406745d58ce9b2ddcf7c39
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
82008cfe491755caad113047cd6853688d242b985eefff9be973cace62655e07
82faff14ccb8bfeda690798afffd594473f9559bac5dc03e01012ec379c2cd70
84111b6a7444f69e140d67040a1069f96b2b27be579ae48444e0497a714daf75
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
84f3c357dbe9dba48cb4d669762446b97966544ba3b469bcac7ce7d06657705b
878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a800064c3ae8f8086e1bff058ab3b73dbb80079845b9264e37cae4c95651a691
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
b85d577c9372317faa6365a789a52e6217c407d61e1c637ecb088e7b075e39ba
b94f530ef15ed040a11efe301ac983221efa13f676ac6967d9e64d806a666365
bf41baab666d1ac534580048396a59674783343c2bdf6a659a9d1c453eeffc2a
c06e44cceaa172a48dc58b0e8249c031648c30f4117f7714d80d9cbe6e760630
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6
c29155cf84ba51c7db8fdfbf235524eb8f37db2d4ccd281b843f5f0f865ae8c7
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
d4354b8fe7d354dccf3e20d902763fa16dead47be0adc246be032cec7d4afd2e
d77fe08a5ebda14e08236bfd74280c2f14f664857a64a5f8ec0810bbf6b64711
d9b664f36666deb0ec1b6e9d5924d0f39dac28d5569d754b39523ecbef641d69
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
de7a53bd6dd86a48393788feb7c5bd0940346d7641c5bf83a7ac740745332bd0
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f319b9db9c7224703100306c2f048d7d1f75476f4184fc6a6083abc721270bbc
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

mariacourse.blogspot.com Open in urlscan Pro 2a00:1450:4001:80e::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

88 %HTTPS

79 %IPv6

17 Domains

25 Subdomains

21 IPs

3 Countries

1383 kBTransfer

2488 kBSize

0 Cookies

35 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mariacourse.blogspot.com Open in urlscan Pro
2a00:1450:4001:80e::2001 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

88 %
HTTPS

79 %
IPv6

17
Domains

25
Subdomains

21
IPs

3
Countries

1383 kB
Transfer

2488 kB
Size

0
Cookies

69 HTTP transactions
3 data transactions