gazette-des-pronos.blogspot.com Open in urlscan Pro
2a00:1450:4001:82b::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gazette-des-pronos.blogspot.com/
Submission: On June 28 via manual (June 28th 2022, 3:15:31 pm UTC) from ML — Scanned from DE

Summary HTTP 46 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 46 HTTP transactions. The main IP is 2a00:1450:4001:82b::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is gazette-des-pronos.blogspot.com.

This is the only time gazette-des-pronos.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
3	194.150.236.190 194.150.236.190	44976 (HIWIT_AS) (HIWIT_AS)
8 16	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.210.43.68 195.210.43.68	39506 (MFX-AS) (MFX-AS)
1	2606:4700:303... 2606:4700:3035::6815:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.27.63.154 212.27.63.154	12322 (PROXAD) (PROXAD)
1 2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
46	14

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gazette-des-pronos.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net

www.turfsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.snprono.powa.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3038::6815:ea1b (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.210.43.68 (France)

ASN39506 (MFX-AS, FR)
PTR: aap1.createur-internet.com

www.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:449a (United States)

ASN13335 (CLOUDFLARENET, US)

www.mega-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.154 (France)

ASN12322 (PROXAD, FR)
PTR: perso154-g5.free.fr

lemagicienduturf.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	root-top.com 8 redirects img.root-top.com www.root-top.com	67 KB
7	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 15941 www.blogblog.com — Cisco Umbrella Rank: 29764	4 KB
6	blogspot.com gazette-des-pronos.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9765 4.bp.blogspot.com — Cisco Umbrella Rank: 12431	210 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 162	150 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8410	67 KB
4	allopass.com payment.allopass.com	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googleusercontent.com 1 redirects themes.googleusercontent.com — Cisco Umbrella Rank: 10896	19 KB
2	turfsur.com www.turfsur.com	36 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	658 B
1	free.fr lemagicienduturf.free.fr	3 KB
1	mega-turf.fr www.mega-turf.fr	28 KB
1	powa.fr www.snprono.powa.fr	26 KB
46	14

	Domain	Requested by
16	img.root-top.com	8 redirects gazette-des-pronos.blogspot.com
5	apis.google.com	gazette-des-pronos.blogspot.com apis.google.com www.blogger.com
5	www.blogger.com	gazette-des-pronos.blogspot.com apis.google.com
4	resources.blogblog.com	gazette-des-pronos.blogspot.com www.blogger.com
4	payment.allopass.com	gazette-des-pronos.blogspot.com payment.allopass.com
3	www.blogblog.com	gazette-des-pronos.blogspot.com
3	1.bp.blogspot.com	gazette-des-pronos.blogspot.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	themes.googleusercontent.com	1 redirects gazette-des-pronos.blogspot.com
2	www.turfsur.com	gazette-des-pronos.blogspot.com
2	gazette-des-pronos.blogspot.com	gazette-des-pronos.blogspot.com
1	www.googletagmanager.com	payment.allopass.com
1	pagead2.googlesyndication.com	gazette-des-pronos.blogspot.com
1	lemagicienduturf.free.fr	gazette-des-pronos.blogspot.com
1	4.bp.blogspot.com	gazette-des-pronos.blogspot.com
1	www.mega-turf.fr	gazette-des-pronos.blogspot.com
1	www.root-top.com	gazette-des-pronos.blogspot.com
1	www.snprono.powa.fr	gazette-des-pronos.blogspot.com
46	18

This site contains links to these domains. Also see Links.

Domain
payment.allopass.com
www.blogger.com
www.root-top.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.allopass.com Gandi Standard SSL CA 2	`2021-10-08` - `2022-10-08`	a year	crt.sh
turfsur.com R3	`2022-06-05` - `2022-09-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://gazette-des-pronos.blogspot.com/
Frame ID: 59357F4252FBBDD38D3BDE328CAAC0D6
Requests: 41 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5037300281890581840&blogName=GAGETTE+DES+PRONOS&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gazette-des-pronos.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://gazette-des-pronos.blogspot.com/&vt=-1994734427552191734&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: 9761EB936EACBC7650236B1F24EDF7B4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GAGETTE DES PRONOS

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

46
Requests

65 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

14
IPs

3
Countries

677 kB
Transfer

1259 kB
Size

5
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://payment.allopass.com/buy/buy.apu?ids=356041&idd=1552989&carousel=row

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=5037300281890581840&postID=4002379020470275540&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=5037300281890581840&postID=3114575647051738750&from=pencil

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/zetop/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/secreturf/in.php?ID=437
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/euloge47/in.php?ID=40
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/classement_general/in.php?ID=2391
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baozing5/in.php?ID=83
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/4turfs/in.php?ID=113
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/heureuxabonnes/in.php?ID=88
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfbase/in.php?ID=720
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=1340
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/minarik/in.php?ID=184
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lacledubonheur/in.php?ID=85
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfistes/in.php?ID=1948
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=868
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topturfjs/in.php?ID=2180
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1320
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/exelturf/in.php?ID=663
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pegaseturf/in.php?ID=201
Title: GAZETTE-DES PRONOS

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://img.root-top.com/topsite/secreturf/banner.gif HTTP 302
http://www.snprono.powa.fr/secreturf.gif

Request Chain 9

https://img.root-top.com/topsite/classement_general/banner.gif HTTP 302
http://www.root-top.com/images/bouton_RT1.gif

Request Chain 14

https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

Request Chain 18

https://img.root-top.com/topsite/turfoscope/banner.gif HTTP 302
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Request Chain 19

https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Request Chain 20

https://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 302
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Request Chain 21

https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
http://lemagicienduturf.free.fr/images/exelturf.jpg

Request Chain 22

https://img.root-top.com/topsite/pegaseturf/banner.gif HTTP 302
http://www.turfsur.com/img/pegase.gif HTTP 307
https://www.turfsur.com/img/pegase.gif

Request Chain 25

http://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gazette-des-pronos.blogspot.com/ 87 KB
12 KB 228ms
179ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdc009096e617ff111187cc76fd78dc510e931f5d12cb0522aedc38f0f67a3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 12021
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Jun 2022 15:15:26 GMT
ETag: W/"b58bf5d0dfc5e81a8701e1b1b32a8916cfbaebd546205607ee83c27e6cc4e423"
Expires: Tue, 28 Jun 2022 15:15:26 GMT
Last-Modified: Sun, 05 Dec 2021 04:47:51 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 77ms
13ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 14:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 23:55:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 28 Jun 2023 14:58:57 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 158ms
110ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5037300281890581840&zx=6cdd2986-eeac-42fa-9188-65c0c9bce706

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 15:15:26 GMT
server: GSE
date: Tue, 28 Jun 2022 15:15:26 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
20 KB 70ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0a8c8d899c3a0a28219d8d7668ef0256652eee1bb63b5d96ba52cd3e18f03c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 28 Jun 2022 15:15:26 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a34ff92a9ec0825b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 15:15:26 GMT

GET
H/1.1 200
OK fonheader1.jpg
1.bp.blogspot.com/-q5D0gdveBhY/Vcx6clnsPLI/AAAAAAAAAA8/51FCD6CboIY/s1600/ 42 KB
42 KB 33ms
13ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-q5D0gdveBhY/Vcx6clnsPLI/AAAAAAAAAA8/51FCD6CboIY/s1600/fonheader1.jpg

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d8147b16a1cfbaa2510f54a9c7e101f7e5476a123f679b478adbe4cfd9a878d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:14:48 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 38
ETag: "v10"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fonheader1.jpg"
Timing-Allow-Origin: *
Content-Length: 42722
X-XSS-Protection: 0
Expires: Wed, 29 Jun 2022 15:14:48 GMT

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 777ms
241ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=356041&idd=1552989&lang=fr
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: a8e3e0c9f5b855470d2a6234c8a848178d46ac3429c6e7b033483597058f5e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 15:15:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
299 B 36ms
17ms Image
image/gif 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:48:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 04:51:44 GMT
server: sffe
age: 23229
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Jul 2022 08:48:17 GMT

GET
H/1.1 200
OK zetop.gif
www.turfsur.com/logos_turf/ 29 KB
29 KB 89ms
16ms Image
image/gif 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfsur.com/logos_turf/zetop.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns30.hiwit.net

Software

Apache /

Resource Hash

336baba693441e253963c7ff5fd3b30c2047f2f48d74d8624264871b42a2a0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:26 GMT
Last-Modified: Mon, 05 Mar 2018 05:50:08 GMT
Server: Apache
ETag: "8789a6-749f-566a3e5ffc400"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 29855

GET
H/1.1

200
OK

secreturf.gif
www.snprono.powa.fr/
Redirect Chain

https://img.root-top.com/topsite/secreturf/banner.gif
http://www.snprono.powa.fr/secreturf.gif

26 KB
26 KB

78ms
18ms

Image
image/gif

194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.snprono.powa.fr/secreturf.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 0c9a44b18ceb770e00ec78282dbb2b4b880686e3ab7d97933710b0f85d56a725

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:26 GMT
Last-Modified: Sat, 14 Nov 2020 05:14:08 GMT
Server: Apache
ETag: "a51079-666d-5b40a36f12800"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 26221

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIp%2F7Er%2BayJD%2FxklnqjI2Gd4uBCYztnJFkvz9ybR2uEMwv3QOv2nt46%2B6XiIYGX6EWxRFu4hGaRiMrTZmms8KYzekc94b5%2FvLo88Uv8XeE%2BG3Z2PGgNUa8UBDgktc3Yvk7vDJEMfaCbix%2F4LblyO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.snprono.powa.fr/secreturf.gif
cf-ray: 722760bb3e639153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/euloge47/ 3 KB
3 KB 52ms
20ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/euloge47/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28aae532b03adabc2ee60e7a0c20273042bef4f0420bb23fa290154131ce49f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28540
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2907
last-modified: Tue, 28 Jun 2022 07:19:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fyr5xgON44R6aaagJGD8eoDDEXroyXE5A4Hofk41iIsTvu2iuzvWNyTjf%2FI8Klt%2F92Ro6QgSqebg28hxCJlBuZYKihaf65xk9Lqt7ubAQ%2Blb54Q2YfpXkNivix%2FO2OJmueCrvGKyZsRvFkgs4FQf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb3e649153-FRA
expires: Fri, 01 Jul 2022 07:19:46 GMT

GET
H/1.1

200
OK

bouton_RT1.gif
www.root-top.com/images/
Redirect Chain

https://img.root-top.com/topsite/classement_general/banner.gif
http://www.root-top.com/images/bouton_RT1.gif

3 KB
3 KB

80ms
31ms

Image
image/gif

195.210.43.68
MFX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.root-top.com/images/bouton_RT1.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

195.210.43.68 , France, ASN39506 (MFX-AS, FR),

Reverse DNS

aap1.createur-internet.com

Software

Apache /

Resource Hash

235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2009 17:33:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "cba-4795db1939040-gzip"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2433
Expires: Thu, 28 Jul 2022 15:15:26 GMT

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0bob8tx4MM9stHA4Pt9R8IAZLHSovT9TvJyz9p6EM3XDWGj%2FqX5UKEbBbaT5b68BC5nUtoCZjnANe%2BuavB2dXXObxdxXG9Cf9qMrInmFjKCDRuak4FBcISaBt8tujf0U4fEOI7T2F5qo9I6ThQz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.root-top.com/images/bouton_RT1.gif
cf-ray: 722760bb3e659153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/baozing5/ 7 KB
7 KB 53ms
21ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/baozing5/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c60db6a7f908d94c6dc7405959c3d918495e931f4fe65c68dc2654f1e737cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9228
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6920
last-modified: Tue, 28 Jun 2022 12:41:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkWdbMMRxe51c09N3ZTGZ2MKimT9S0TdaB8a8X0yp3gJ51SSJbBSws6yCO7jckBk1%2BM7WruE%2FYUBzNQ6rhqJJW56gj70X0XaLVCirzMWofc7YyobSe92fZ1KbyLCJE%2Bi7EioHqL27bkmC0Neeksc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb3e669153-FRA
expires: Fri, 01 Jul 2022 12:41:38 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/4turfs/ 3 KB
4 KB 51ms
20ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/4turfs/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28e285487a16495ed0178167909a216b687aabdfed816e0ea04a8787b6695d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3404
last-modified: Sun, 26 Jun 2022 12:45:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2B5yPCnwZ8quJGZnAQcnqP15vakSNTslVp%2BpSR6%2BwORCKzsAPsqhAImJgz1c1%2B1OJoqij99RIqNUe8ZTLZl55V26%2F5OyUwcbE23zGg%2BiUqA2H%2BP8YQaoR5i5woQEE7OjhDtqzSYzPZPpdWIjXqg3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb3e699153-FRA
expires: Wed, 29 Jun 2022 12:45:40 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/heureuxabonnes/ 7 KB
7 KB 22ms
21ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/heureuxabonnes/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5e171666de3eb4c8a706489f20df066065446d2b075063035303c7da67f133

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196877
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6724
last-modified: Sun, 26 Jun 2022 08:34:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FoFuy1QVysOQJMYTt45gIzjoXapJ68yTD0glYKh7P%2BkC5a%2FSjjyFem2tvJ6Du05oJvwIbIKiZR9WYZB8JGHYBerLvqdEbtBwMfe8t0%2F0YTOgTMyxPsZM3gTuGxvbjsgBK%2B3tPQENyOYwYr3R0Pb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb3e689153-FRA
expires: Wed, 29 Jun 2022 08:34:09 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/turfbase/ 12 KB
13 KB 18ms
17ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfbase/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d59c732f489588d69638c181476fa50ef6bfecfdb8cba627504dd410fa3d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12633
last-modified: Mon, 27 Jun 2022 18:26:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh3iLVJTDBja10qSfaKyCpDBn%2FI5ItQx1n5nFCqk15a5uTYp7dLLxgq%2BBrr42%2FJJMJ8wUV2axR6JiTOOjmOrB9p%2FOL5eoe4mmy%2FmN7dIEUqO0RjLBYt%2F8bDdl2vE%2Fy3W%2BwSgYVIwVQQXEAdK7Bce"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb4e709153-FRA
expires: Thu, 30 Jun 2022 18:26:46 GMT

GET
H2

200

5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain

https://img.root-top.com/topsite/megaturf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

27 KB
28 KB

52ms
13ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10369918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27601
last-modified: Sun, 25 Jun 2017 11:18:37 GMT
server: cloudflare
etag: "594f9c0d-6bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6wAVpZmrSh6m4ade8I5OFHyYfxKcuwiGF05NiMx3VBsOM0VJdCzzcwjTLcDYrDE47hZIA8RNjkPeUKrZOBEK590rtva9yOqx9O%2FfXCWRlcvuBn7MznhTmVSs02rLpbTmP9DOzOafYN1JeMmHtD8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 722760bc9db79bd1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYA1w8mlQZ%2FbO6UD2ZUrohIYidcPNf47cn7eAgrz4tdpfrh%2F5pwZikdA3YuX%2BIxtLNLLapj0oxyDad3V6L91vtNApNcEa%2FpsooWSVNf%2Ba4mlGVXSpUkyLIalNO%2BkeVSF8coBG8F7K6EANpIDHb78"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray: 722760bb4e799153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/minarik/ 3 KB
4 KB 20ms
19ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/minarik/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2322e267893dfaf11e11feae69e6631f0fd40050197b2abcfdc31ff6528a2eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3512
last-modified: Mon, 27 Jun 2022 18:50:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwxwZ7jq9hfW%2BDyqoQIVmn%2FKf8YpDP9SacoR9F8%2B2YeU6z5rLdF5RT9X69ikQ%2BoxagoW1Jkjmea7vIJaSSgR787y9mboJBXuEgz7FLAaWbMPIBuqmKKl3wm9evR%2B%2B5k0Cqb9B42JkRJDlrYhRoK3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb4e7b9153-FRA
expires: Thu, 30 Jun 2022 18:50:44 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/lacledubonheur/ 13 KB
14 KB 20ms
19ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/lacledubonheur/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7d07321b2831c02cd748da9f79533ab9eb61de740a16d8ac4b0790578fb5c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61049
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13568
last-modified: Mon, 27 Jun 2022 22:17:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvbSvozLjE%2FEnosaoWq5PUrubINeGitIuUdQY9JDTahPZjPqU1HHnjtS8W6d6Y24iwuuKyPWhQIML4eTwWxzG5HSHqbYcRnbnCCj%2F558uvRUjyaKdvuHDgHlqSnhq90lPs6VkL77ySoW%2FdIo0kPQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb4e7e9153-FRA
expires: Thu, 30 Jun 2022 22:17:57 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/turfistes/ 10 KB
10 KB 22ms
21ms Image
image/gif 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfistes/banner.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6049bb33ca3a57d6ef6368c2bf253e98a7fba1c45f173450806fc9fc187d06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178273
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9830
last-modified: Sun, 26 Jun 2022 13:44:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZBPpWO%2FJNxfp%2FvTSnKiWTNyingItg%2FnC2QjqMKCYv%2BpRA%2F1IWDT%2BOgV3nqMPIE0W%2FRw2dUsoVec2DnBkCbciMz6VvWJKuPQFSUIPrmr%2BbwRn0gGJPrzn1FxZugL0FStVs%2BIVb4%2Br4WJrNzGul7T"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 722760bb4e7f9153-FRA
expires: Wed, 29 Jun 2022 13:44:13 GMT

GET
H2

200

turfoscope.gif
1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/turfoscope/banner.gif
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

86 KB
86 KB

89ms
55ms

Image
image/gif

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 11:22:44 GMT
x-content-type-options: nosniff
age: 13962
content-disposition: inline;filename="turfoscope.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87766
x-xss-protection: 0
server: fife
etag: "v20cf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Jun 2022 16:11:54 GMT

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pamA8kohb%2BpZNc%2FHp0rijOysJOQKJHgrgtLAUSVVJ9KSGTwIhVMlGO48%2F2auNlVP%2FVimY%2BaFM6ZN6RhPqm2BeM9XWdMCumPG6BElPCvsaE9YafPGlugdw0oAYhTDrGtR9bm3cTVq9WOow2u%2F3IRK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif
cf-ray: 722760bb4e809153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain

https://img.root-top.com/topsite/topturfjs/banner.gif
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

21 KB
22 KB

80ms
24ms

Image
image/gif

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:52:56 GMT
x-content-type-options: nosniff
age: 8550
content-disposition: inline;filename="TOPSITE0.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21771
x-xss-protection: 0
server: fife
etag: "v122d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 25 Apr 2022 01:22:06 GMT

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Afl%2Bmyy4YOllTj%2F0s2D70WJZVLSoYz%2FX1qyLxSlXGP75Q9ix0DxPCzEmPtTyNQyoWWhhmiC2p84ufSMr3DpXqLPBbvpdX%2FYzXRH1%2Fv4AFeoXLU3rnzw7MLhAHiwIevIObVbfK01OHnA8VHNccj4j"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray: 722760bb4e819153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jmpep80top.gif
1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/
Redirect Chain

https://img.root-top.com/topsite/jmpep80top/banner.gif
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

45 KB
45 KB

39ms
26ms

Image
image/gif

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:58:39 GMT
x-content-type-options: nosniff
age: 8207
content-disposition: inline;filename="jmpep80top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46098
x-xss-protection: 0
server: fife
etag: "v20cb"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 May 2022 00:16:26 GMT

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYkU44boy3xYvzBkjqaJxbnJXKe9G3hqgISJsj1HhKpmBmq1kFEJomRrPPHAKrE4haFJ2uAODyxY9Z6YdG%2FNuJBviPNuLwJjDadzCenRO841IbDuOUaV2RrhX8f0huxFT%2BIM5%2BIzlpN219h0PL2P"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif
cf-ray: 722760bb4e839153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain

https://img.root-top.com/topsite/exelturf/banner.gif
http://lemagicienduturf.free.fr/images/exelturf.jpg

3 KB
3 KB

82ms
17ms

Image
image/jpeg

212.27.63.154
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lemagicienduturf.free.fr/images/exelturf.jpg
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: HTTP/1.1
Server: 212.27.63.154 , France, ASN12322 (PROXAD, FR),
Reverse DNS: perso154-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:26 GMT
Last-Modified: Wed, 02 May 2018 06:53:13 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "600db35e2-aa5-5ae96059"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 2725

Redirect headers

date: Tue, 28 Jun 2022 15:15:26 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSFKOEydPhaUMbPdqtaRZmykKaOtLtqQvS02FW4TpSfUVCVj0%2F7t269lnxOyebOOCrKUMbzG7ToMOZvExCuJPai%2BMriIZfG3yo%2FVz1WCZ4kyDCe4WjGohSPozkSAtMU0iq4xeXboAW43iYfnGujt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://lemagicienduturf.free.fr/images/exelturf.jpg
cf-ray: 722760bb4e859153-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

pegase.gif
www.turfsur.com/img/
Redirect Chain

https://img.root-top.com/topsite/pegaseturf/banner.gif
http://www.turfsur.com/img/pegase.gif
https://www.turfsur.com/img/pegase.gif

6 KB
6 KB

16ms
16ms

Image
image/gif

194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfsur.com/img/pegase.gif

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns30.hiwit.net

Software

Apache /

Resource Hash

7ee4ec6a4292271e63c4cebbf5002104ba0772ac146b1f0f94882f35d54af49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:26 GMT
Last-Modified: Mon, 05 Mar 2018 05:51:29 GMT
Server: Apache
ETag: "878ab8-1856-566a3ead3ba40"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 6230

Redirect headers

Location: https://www.turfsur.com/img/pegase.gif
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK cookienotice.js Show response
gazette-des-pronos.blogspot.com/js/ 6 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://gazette-des-pronos.blogspot.com/js/cookienotice.js

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:14:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 73
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2026
X-XSS-Protection: 0
Last-Modified: Tue, 28 Jun 2022 13:57:30 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 05 Jul 2022 15:14:13 GMT

GET
H2 200 1997315711-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1997315711-widgets.js

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57161
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:04:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 28 Jun 2023 15:14:45 GMT

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
https://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600

18 KB
18 KB

95ms
58ms

Image
image/jpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a646d6d9739460fea598243a1b4588b2391325de3c88addc3f15abc80b9680ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18130
x-xss-protection: 0
expires: Wed, 29 Jun 2022 15:15:26 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 15:15:26 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 149 KB
51 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c41da44013f0e258f2518910b3eec8479929f4b99c791fcc1fe6b644a088f9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 13:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52026
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 13:51:19 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 52 KB
16 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19849bb7874e88915b91024dbd71d60d36b9d65fe370f6befc20948b5717dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16789
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:43:36 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 35ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 11:08:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14827
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Tue, 12 Jul 2022 11:08:19 GMT

GET
H/1.1 200
OK white80.png
www.blogblog.com/1kt/transparent/ 96 B
680 B 43ms
15ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogblog.com/1kt/transparent/white80.png

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 14:40:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 27 Jun 2022 07:48:12 GMT
Server: sffe
Age: 88517
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/png
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 96
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Mon, 04 Jul 2022 14:40:09 GMT

GET
H/1.1 200
OK header_gradient_shade.png
www.blogblog.com/1kt/transparent/ 424 B
1010 B 40ms
13ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogblog.com/1kt/transparent/header_gradient_shade.png

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 08:33:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Jun 2022 07:50:53 GMT
Server: sffe
Age: 196903
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/png
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 424
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sun, 03 Jul 2022 08:33:43 GMT

GET
H/1.1 200
OK tabs_gradient_shade.png
www.blogblog.com/1kt/transparent/ 185 B
770 B 42ms
15ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogblog.com/1kt/transparent/tabs_gradient_shade.png

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 12:47:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Jun 2022 15:50:44 GMT
Server: sffe
Age: 95281
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/png
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 185
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Mon, 04 Jul 2022 12:47:25 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 9761 7 KB
3 KB 122ms
121ms Document
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5037300281890581840&blogName=GAGETTE+DES+PRONOS&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gazette-des-pronos.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://gazette-des-pronos.blogspot.com/&vt=-1994734427552191734&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c675698f7c96b1049ca606eab565ecb8983ad7b70e32b0445b404ae2f2a1d51

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gazette-des-pronos.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2620
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 15:15:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 554ms
553ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5037300281890581840&zx=6cdd2986-eeac-42fa-9188-65c0c9bce706

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 15:15:27 GMT
server: GSE
date: Tue, 28 Jun 2022 15:15:27 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 9761 52 KB
20 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5037300281890581840&blogName=GAGETTE+DES+PRONOS&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gazette-des-pronos.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://gazette-des-pronos.blogspot.com/&vt=-1994734427552191734&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f2e39ffba9e88cfe64353873fbbf8f10a8ec87e19db6019b835d34052bbbf4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20341
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 28 Jun 2022 15:15:26 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "257111776a9590b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 15:15:26 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 9761 907 B
930 B 15ms
15ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:19:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 07:48:12 GMT
server: sffe
age: 64534
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 04 Jul 2022 21:19:52 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 9761 117 B
140 B 15ms
15ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:36:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 26 Jun 2022 09:52:20 GMT
server: sffe
age: 171538
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 03 Jul 2022 15:36:28 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 9761 128 KB
42 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b7ac2274b3bde75dc2eadc6ee79b946bcb516d78f1b66e5c7f4240f7ba8c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42800
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:43:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
40 KB 62ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=356041&idd=1552989&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c1dd374a45bf0455793284155870e57dcb3bebddd4770b582321d8e3753bb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40174
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Jun 2022 15:15:27 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 50ms
18ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=356041&idd=1552989&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "4215b-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 51ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:27 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "216d9-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ 753 B
991 B 51ms
18ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 15:15:27 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "432cd-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H3 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
119 B 14ms
14ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: gazette-des-pronos.blogspot.com
URL: http://gazette-des-pronos.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:49:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 04:51:38 GMT
server: sffe
age: 87973
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 04 Jul 2022 14:49:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gazette-des-pronos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1194
date: Tue, 28 Jun 2022 14:55:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Jun 2022 16:55:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 48ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=731091369&t=pageview&_s=1&dl=http%3A%2F%2Fgazette-des-pronos.blogspot.com%2F&ul=en-us&de=UTF-8&dt=GAGETTE%20DES%20PRONOS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1195276022&gjid=2095354144&cid=1691373266.1656429327&tid=UA-135619294-1&_gid=465978328.1656429327&_r=1&gtm=2wg6m0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1552989&cd3=356041&cd4=(not%20set)&cd5=classic&z=759711003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://gazette-des-pronos.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 15:15:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gazette-des-pronos.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: deaf585f-3179-4920-9161-d7ff8752b31e
.allopass.com/	1970-01-20 12:52:45	Name: AP_CUSK Value: 3574845770
.gazette-des-pronos.blogspot.com/	1970-01-20 21:38:21	Name: _ga Value: GA1.3.1691373266.1656429327
.gazette-des-pronos.blogspot.com/	1970-01-20 04:08:35	Name: _gid Value: GA1.3.465978328.1656429327
.gazette-des-pronos.blogspot.com/	1970-01-20 04:07:09	Name: _gat_UA-135619294-1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
apis.google.com
gazette-des-pronos.blogspot.com
img.root-top.com
lemagicienduturf.free.fr
pagead2.googlesyndication.com
payment.allopass.com
resources.blogblog.com
themes.googleusercontent.com
www.blogblog.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.mega-turf.fr
www.root-top.com
www.snprono.powa.fr
www.turfsur.com
185.119.26.1
194.150.236.190
195.210.43.68
212.27.63.154
2606:4700:3035::6815:449a
2606:4700:3038::6815:ea1b
2a00:1450:4001:802::2009
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2001
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0c9a44b18ceb770e00ec78282dbb2b4b880686e3ab7d97933710b0f85d56a725
0f5e171666de3eb4c8a706489f20df066065446d2b075063035303c7da67f133
116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6
1f7d07321b2831c02cd748da9f79533ab9eb61de740a16d8ac4b0790578fb5c5
2322e267893dfaf11e11feae69e6631f0fd40050197b2abcfdc31ff6528a2eb1
2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7
235ddb6372a963808ad3e009f2122c775d3bccfeeb71ed7a013d27e22448b0a9
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
28aae532b03adabc2ee60e7a0c20273042bef4f0420bb23fa290154131ce49f0
336baba693441e253963c7ff5fd3b30c2047f2f48d74d8624264871b42a2a0a4
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0a8c8d899c3a0a28219d8d7668ef0256652eee1bb63b5d96ba52cd3e18f03c
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
73f2e39ffba9e88cfe64353873fbbf8f10a8ec87e19db6019b835d34052bbbf4
75c60db6a7f908d94c6dc7405959c3d918495e931f4fe65c68dc2654f1e737cf
7c675698f7c96b1049ca606eab565ecb8983ad7b70e32b0445b404ae2f2a1d51
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
7ee4ec6a4292271e63c4cebbf5002104ba0772ac146b1f0f94882f35d54af49b
83b7ac2274b3bde75dc2eadc6ee79b946bcb516d78f1b66e5c7f4240f7ba8c61
878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9c1dd374a45bf0455793284155870e57dcb3bebddd4770b582321d8e3753bb9a
9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a646d6d9739460fea598243a1b4588b2391325de3c88addc3f15abc80b9680ec
a8e3e0c9f5b855470d2a6234c8a848178d46ac3429c6e7b033483597058f5e32
b6049bb33ca3a57d6ef6368c2bf253e98a7fba1c45f173450806fc9fc187d06d
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c41da44013f0e258f2518910b3eec8479929f4b99c791fcc1fe6b644a088f9b4
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdc009096e617ff111187cc76fd78dc510e931f5d12cb0522aedc38f0f67a3f2
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
d0d59c732f489588d69638c181476fa50ef6bfecfdb8cba627504dd410fa3d27
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d8147b16a1cfbaa2510f54a9c7e101f7e5476a123f679b478adbe4cfd9a878d4
e19849bb7874e88915b91024dbd71d60d36b9d65fe370f6befc20948b5717dc6
e28e285487a16495ed0178167909a216b687aabdfed816e0ea04a8787b6695d4

gazette-des-pronos.blogspot.com Open in urlscan Pro 2a00:1450:4001:82b::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

65 %HTTPS

71 %IPv6

14 Domains

18 Subdomains

14 IPs

3 Countries

677 kBTransfer

1259 kBSize

5 Cookies

22 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

gazette-des-pronos.blogspot.com Open in urlscan Pro
2a00:1450:4001:82b::2001 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

65 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

14
IPs

3
Countries

677 kB
Transfer

1259 kB
Size

5
Cookies

46 HTTP transactions
0 data transactions