cashsturf1.blogspot.com Open in urlscan Pro
2a00:1450:4001:810::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cashsturf1.blogspot.com/?m=1
Submission: On February 03 via manual (February 3rd 2022, 5:25:53 pm UTC) from ML — Scanned from DE

Summary HTTP 32 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2a00:1450:4001:810::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is cashsturf1.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on January 10th 2022. Valid for: 3 months.

This is the only time cashsturf1.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5 8	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.121.164.142 91.121.164.142	16276 (OVH) (OVH)
4	2606:4700:303... 2606:4700:3035::6815:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3033::ac43:8d1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
32	9

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cashsturf1.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3038::6815:ea1a (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.164.142 (France)

ASN16276 (OVH, FR)
PTR: ns360576.ip-91-121-164.eu

nsm09.casimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:449a (United States)

ASN13335 (CLOUDFLARENET, US)

www.mega-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:8d1e (United States)

ASN13335 (CLOUDFLARENET, US)

turf-qualite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	root-top.com 5 redirects img.root-top.com	25 KB
6	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 71 lh6.googleusercontent.com — Cisco Umbrella Rank: 489	63 KB
6	blogspot.com cashsturf1.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8202	2 MB
5	turf-qualite.com turf-qualite.com	22 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8761	70 KB
4	mega-turf.fr www.mega-turf.fr	167 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 13119	517 B
1	casimages.com nsm09.casimages.com	10 KB
32	9

	Domain	Requested by
8	img.root-top.com	5 redirects cashsturf1.blogspot.com
5	turf-qualite.com	cashsturf1.blogspot.com turf-qualite.com
5	lh3.googleusercontent.com	cashsturf1.blogspot.com
5	www.blogger.com	cashsturf1.blogspot.com www.blogger.com
4	www.mega-turf.fr	cashsturf1.blogspot.com
4	1.bp.blogspot.com	cashsturf1.blogspot.com
2	cashsturf1.blogspot.com	cashsturf1.blogspot.com
1	ssl.google-analytics.com	turf-qualite.com
1	resources.blogblog.com	cashsturf1.blogspot.com
1	nsm09.casimages.com	cashsturf1.blogspot.com
1	lh6.googleusercontent.com	cashsturf1.blogspot.com
32	11

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
labasedugeny.com
turf1star.blogspot.com
turf1defrance.blogspot.com
domaineturfpmu.blogspot.com
actuturf1.blogspot.com
observateurduturf.com
refescore.com
www.root-top.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cashsturf1.blogspot.com/?m=1
Frame ID: 8D4CE86BE4E8CC9D3DD508D0E65F4409
Requests: 26 HTTP requests in this frame

Frame: https://turf-qualite.com/widget.html
Frame ID: 57C47B7B710E62D0B00AB9910E5A83F9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CASHSTURF

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

32
Requests

84 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

2840 kB
Transfer

3063 kB
Size

0
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2924316740736834708&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2924316740736834708&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2924316740736834708&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2924316740736834708&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2924316740736834708&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=138761752077873813&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=138761752077873813&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=138761752077873813&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=138761752077873813&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=138761752077873813&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1970936407107670489&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1970936407107670489&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1970936407107670489&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1970936407107670489&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1970936407107670489&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=3018727480058359775&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=3018727480058359775&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=3018727480058359775&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=3018727480058359775&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=3018727480058359775&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1093511565888161590&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1093511565888161590&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1093511565888161590&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1093511565888161590&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=1093511565888161590&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=202573535888816800&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=202573535888816800&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=202573535888816800&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=202573535888816800&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=202573535888816800&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2343006635147896944&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2343006635147896944&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2343006635147896944&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2343006635147896944&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2292441758869005706&postID=2343006635147896944&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://labasedugeny.com/

Search URL Search Domain Scan URL

URL: https://turf1star.blogspot.com/

Search URL Search Domain Scan URL

URL: https://turf1defrance.blogspot.com/

Search URL Search Domain Scan URL

URL: https://domaineturfpmu.blogspot.com/

Search URL Search Domain Scan URL

URL: https://actuturf1.blogspot.com/

Search URL Search Domain Scan URL

URL: https://observateurduturf.com/

Search URL Search Domain Scan URL

URL: http://refescore.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/labasedugeny/in.php?ID=2

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=1373

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/quinte/in.php?ID=548

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/guideturf/in.php?ID=529

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toppronosturf/in.php?ID=224

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/01turf/in.php?ID=602

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turf/in.php?ID=696

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/willybill/in.php?ID=94

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://img.root-top.com/topsite/labasedugeny/banner.gif HTTP 302
https://nsm09.casimages.com/img/2020/01/21//20012106592720601216612244.gif

Request Chain 12

https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

Request Chain 13

https://img.root-top.com/topsite/quinte/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

Request Chain 16

https://img.root-top.com/topsite/01turf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

Request Chain 18

https://img.root-top.com/topsite/willybill/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cashsturf1.blogspot.com/ 78 KB
12 KB 399ms
274ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42d4aeb1b3821e1b774bbb88856ddb9f3306e6ea6fee133032fcfbfbbe2dc38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Thu, 03 Feb 2022 17:25:48 GMT
date: Thu, 03 Feb 2022 17:25:48 GMT
cache-control: private, max-age=0
last-modified: Wed, 02 Feb 2022 23:51:43 GMT
etag: W/"b55a69628e56e430801da7a51c141354f7d386981221bf0731ebf94cab0a45f9"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12099
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1529571102-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 164ms
37ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7804
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 22:55:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 01 Feb 2023 18:19:12 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 773ms
647ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2292441758869005706&zx=7ae1252a-3b81-49f4-a206-7d42553af5de

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Feb 2022 17:25:49 GMT
server: GSE
date: Thu, 03 Feb 2022 17:25:49 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TURFCASH.gif
1.bp.blogspot.com/-vyS1pS7WSI0/YLdnT8QI31I/AAAAAAAAAA4/qFkJBufez7M3eS_3v8utFe0izBEO7ioKgCK4BGAYYCw/s1600/ 2 MB
2 MB 190ms
104ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vyS1pS7WSI0/YLdnT8QI31I/AAAAAAAAAA4/qFkJBufez7M3eS_3v8utFe0izBEO7ioKgCK4BGAYYCw/s1600/TURFCASH.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df1263ef7ec8f230e9b5f1a82d931e66b0cad618c55254e504eab112626e96f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:08:47 GMT
x-content-type-options: nosniff
age: 4621
content-disposition: inline;filename="TURFCASH.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2357692
x-xss-protection: 0
server: fife
etag: "vf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 22:51:37 GMT

GET
H2 200 cashturf.gif
1.bp.blogspot.com/-AdO8Q08XJ1w/YMiNrN-8lCI/AAAAAAAAAD0/syLKUweUBqErh3sQQQyYyabmrEEblmlMwCLcBGAsYHQ/ 15 KB
15 KB 132ms
46ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AdO8Q08XJ1w/YMiNrN-8lCI/AAAAAAAAAD0/syLKUweUBqErh3sQQQyYyabmrEEblmlMwCLcBGAsYHQ/cashturf.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fa6a8146167cfbe5801b1bf5a6354f7477e519d39ee72ffaec2aa7cb770abf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:08:46 GMT
x-content-type-options: nosniff
age: 4622
content-disposition: inline;filename="cashturf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15403
x-xss-protection: 0
server: fife
etag: "v3e"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:44:51 GMT

GET
H2 200 labase.gif
1.bp.blogspot.com/-tR_TMECDyrQ/YMiNE06zRgI/AAAAAAAAADs/xfpFXRLT-IsiHym2p_5TspJSxDRvO3s-ACLcBGAsYHQ/ 10 KB
10 KB 125ms
39ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tR_TMECDyrQ/YMiNE06zRgI/AAAAAAAAADs/xfpFXRLT-IsiHym2p_5TspJSxDRvO3s-ACLcBGAsYHQ/labase.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

48062375c676257e0da64bf751b95ed13ff9a7771a4ef89d17d72feb78d263a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:08:46 GMT
x-content-type-options: nosniff
age: 4622
content-disposition: inline;filename="labase.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9967
x-xss-protection: 0
server: fife
etag: "v3c"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:44:51 GMT

GET
H2 200 turfstar%2B%25281%2529.gif
lh3.googleusercontent.com/-iIKeKs-_SOo/YLeUIbOlRUI/AAAAAAAAABg/_RSt1A-Wf10gGjUfzofYKR4DvwDb8X3XQCLcBGAsYHQ/ 10 KB
10 KB 138ms
41ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-iIKeKs-_SOo/YLeUIbOlRUI/AAAAAAAAABg/_RSt1A-Wf10gGjUfzofYKR4DvwDb8X3XQCLcBGAsYHQ/turfstar%2B%25281%2529.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c8d01aca1c5083c220330ddbe1cfa177ccbed6d9a90e4dacdcd08717a0a51bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
age: 11818
content-disposition: inline;filename="turfstar (1).gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10556
x-xss-protection: 0
server: fife
etag: "v1a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:43:05 GMT

GET
H2 200 turfrance.gif
lh3.googleusercontent.com/-jQTNPAo-4BE/YLeUDVRMnoI/AAAAAAAAABY/mXTtQMWnXPEszMNHceJTPxaFHusqbdZ5wCLcBGAsYHQ/ 2 KB
2 KB 136ms
40ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-jQTNPAo-4BE/YLeUDVRMnoI/AAAAAAAAABY/mXTtQMWnXPEszMNHceJTPxaFHusqbdZ5wCLcBGAsYHQ/turfrance.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2bf90c8f45a393823c26028faa0dce111e645a59f4766318c779f1469d31345b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
age: 11818
content-disposition: inline;filename="turfrance.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1615
x-xss-protection: 0
server: fife
etag: "v19"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:43:05 GMT

GET
H2 200 domaineturf.gif
lh3.googleusercontent.com/-jiy0y8rxGXQ/YLeT-im3yBI/AAAAAAAAABU/4_yqeopREakvJcuzUv13aDfYjBRHqW_UACLcBGAsYHQ/ 12 KB
13 KB 171ms
75ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-jiy0y8rxGXQ/YLeT-im3yBI/AAAAAAAAABU/4_yqeopREakvJcuzUv13aDfYjBRHqW_UACLcBGAsYHQ/domaineturf.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

416a7befa21621ce269290c68f3fdfa576e695880623b4a3e0f3aafec41295da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
age: 11818
content-disposition: inline;filename="domaineturf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12696
x-xss-protection: 0
server: fife
etag: "v19"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 31 Jan 2022 20:54:51 GMT

GET
H2 200 actuturf.gif
lh3.googleusercontent.com/-0naoI5ZW0-Y/YLeT4qrXtRI/AAAAAAAAABQ/F7U3Fv7CCdIN30Fh9skEeJ3nW6V_a5sugCLcBGAsYHQ/ 8 KB
8 KB 145ms
49ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-0naoI5ZW0-Y/YLeT4qrXtRI/AAAAAAAAABQ/F7U3Fv7CCdIN30Fh9skEeJ3nW6V_a5sugCLcBGAsYHQ/actuturf.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

424fd4a807274b7eecfeaf863bd5c1cad058a74ce45413ca373ba4f7cb254abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
age: 11818
content-disposition: inline;filename="actuturf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8337
x-xss-protection: 0
server: fife
etag: "v17"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:43:05 GMT

GET
H2 200 observateuturf.gif
lh3.googleusercontent.com/-liWxAU0lR3k/YLeTv49MJGI/AAAAAAAAABM/8qyhRCNdnxMIky23J80ChjS6U7wfsw-igCLcBGAsYHQ/ 20 KB
20 KB 182ms
86ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-liWxAU0lR3k/YLeTv49MJGI/AAAAAAAAABM/8qyhRCNdnxMIky23J80ChjS6U7wfsw-igCLcBGAsYHQ/observateuturf.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a2df6d6b5be6bb5213d287695486b2a98d428ecdfe97e75d3d855063d53bd34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
age: 11818
content-disposition: inline;filename="observateuturf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20661
x-xss-protection: 0
server: fife
etag: "v17"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:43:05 GMT

GET
H2 200 _Dj2fyZKdAZUBZOIG6kM96CC8xXIFoM4zS70DodapUal7WKF69oSGSteKh0Arn6XqxBvh3mn=s0-d
lh6.googleusercontent.com/proxy/ 10 KB
10 KB 140ms
40ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/_Dj2fyZKdAZUBZOIG6kM96CC8xXIFoM4zS70DodapUal7WKF69oSGSteKh0Arn6XqxBvh3mn=s0-d

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37c7686786ae03e3b6941b7df0c48cf18ae9d4933eac35db868937445b6284cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 13:51:58 GMT
x-content-type-options: nosniff
server: fife
age: 12830
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9883
x-xss-protection: 0
expires: Fri, 04 Feb 2022 13:51:58 GMT

GET
H/1.1

200
OK

20012106592720601216612244.gif
nsm09.casimages.com/img/2020/01/21//
Redirect Chain

https://img.root-top.com/topsite/labasedugeny/banner.gif
https://nsm09.casimages.com/img/2020/01/21//20012106592720601216612244.gif

10 KB
10 KB

194ms
16ms

Image
image/gif

91.121.164.142
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nsm09.casimages.com/img/2020/01/21//20012106592720601216612244.gif

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

HTTP/1.1

Server

91.121.164.142 , France, ASN16276 (OVH, FR),

Reverse DNS

ns360576.ip-91-121-164.eu

Software

Apache /

Resource Hash

48062375c676257e0da64bf751b95ed13ff9a7771a4ef89d17d72feb78d263a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 17:26:59 GMT
Last-Modified: Tue, 21 Jan 2020 18:24:49 GMT
Server: Apache
ETag: "a83f3f5-26ef-59caa85f6e69e"
Strict-Transport-Security: max-age=31556926
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.casimages.com
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9967
Expires: Fri, 03 Feb 2023 17:26:59 GMT

Redirect headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKLCG%2B9nXKKdDL0CepKp4C0LtBE%2BY2qbW9eAQmXmwpkT%2Fj8RSKU1P%2FRFR%2BFQkE%2FV84jWEawQxdgVpbwCUOj4ew9WRnyl0RVdQlZ%2FLkOPYdRUxSFRqXPHWPHFp32tw5iqSGy5wG%2BImKRM5Tzk%2ByVe"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://nsm09.casimages.com/img/2020/01/21//20012106592720601216612244.gif
cf-ray: 6d7d5c54ace068f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain

https://img.root-top.com/topsite/megaturf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

27 KB
27 KB

190ms
30ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 796114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27601
last-modified: Sun, 25 Jun 2017 11:18:37 GMT
server: cloudflare
etag: "594f9c0d-6bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHik3ByiIHqCoWrGW1dciZzUWvyOY%2BSZBiAjt8WC1yz7Nt5vH59T6uaiHti%2FH2lFMIeHYzUEU2ekpagr9%2BusQl4XqM9mKmiPv4GErP0Zb46zn0DfDZspsncnjlgioZ7iWDH9GNDfCmcsjTtikNDe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d7d5c569fe6927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I%2FT%2FUpVHk1lOE0RG54ag1ndbPqZwok6riUheGHWxtFMu%2FWm9rQLdROGone4owpOaunXKRjnCm9%2Fxseo10RC485a5uOb3StmMhU1oCBpPLXmA7yclLqS%2FmFRzpf5lSuZuCLfhNAmDsVGNtBV9nr8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray: 6d7d5c54ace368f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

top10.gif
www.mega-turf.fr/wp-content/uploads/2017/11/
Redirect Chain

https://img.root-top.com/topsite/quinte/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

22 KB
22 KB

189ms
29ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 795899
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22328
last-modified: Thu, 23 Nov 2017 09:08:40 GMT
server: cloudflare
etag: "5a169018-5738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY%2BW6rPmjIWWli4FN5Tcew%2FcyfzO8JKMnj4Oyq%2FTW%2FzBh%2B0T%2F7WuIbtt0%2BBYYuW3eJ%2FQoPvAn8MBBta76%2F6AvOeze%2FrFS0x%2FW%2FFwtUt5iaLz9yFG6hwKryaYCC%2FAnn%2BEK8HCXHhAQ7aU33qjDi5%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d7d5c569fe7927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxYvuWanTv1gNubDbHfxEAWYUNOxh5Scc9bPgz72YIuj%2FhxY8Ura68kEbZkT9H2UOpCDNqsd%2BFMJTh8zJ22Me%2FYk74GuSxMt2vH8%2BDVpaQrIIL1om4VTS0LWkgf8o2glWmsCD4t%2Bp%2BunABd0%2BT8C"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
cf-ray: 6d7d5c54aceb68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/guideturf/ 6 KB
6 KB 46ms
26ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/guideturf/banner.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a800064c3ae8f8086e1bff058ab3b73dbb80079845b9264e37cae4c95651a691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120940
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6266
last-modified: Wed, 02 Feb 2022 07:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1OvQGPIGIjQviWxaQwcT%2Bwtp92P977QS9iA%2BFiE%2BFSEH7QhplhenBQ5PaVLtyBTBeWa7VVEAzeFhhxkLbVLtkei0Dgpxg0OXzKbi2WR1EX%2B9gx0n%2FiasNkbcv0t5dHuD9U8bIEf6dzr1D9GjOqX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 6d7d5c54acea68f8-FRA
expires: Sat, 05 Feb 2022 07:50:08 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/toppronosturf/ 10 KB
10 KB 43ms
24ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/toppronosturf/banner.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcec04992b1b7c68161f886cf6708c5a46c7c518392d425b37e7411713caad1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9802
last-modified: Wed, 02 Feb 2022 05:33:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChcelzLxwTTazypMH6uaSuVh2dD7LKj1IUtig4Se9CmpICPPvzN5pGcGN6oiS5n6zxgEpBBvjcz4kxLuvtmoiJfxtdz%2BO4YqVrEJHkPaweZJtVPi%2BuPD7LRnBemseViJYoZw4x9x6wbqlsQLHpcy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 6d7d5c54ace668f8-FRA
expires: Sat, 05 Feb 2022 05:33:25 GMT

GET
H2

200

01-turf0.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain

https://img.root-top.com/topsite/01turf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

105 KB
106 KB

182ms
35ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 795901
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107801
last-modified: Sun, 03 Dec 2017 21:54:18 GMT
server: cloudflare
etag: "5a24728a-1a519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKr2KEkqZrhFHQ1poNc2S8sM4oW1P9M8nMiH0RmjOzSrEpXowruUQajXwMus1N68aKiTLKt8F5Ek6PdoRppnGd%2B6nTcl99VLrAhbHXioa%2BeObPa4XiwpkEIER%2BeRb1544%2Bz5XbTSHphM2RkUCnjb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d7d5c569fe8927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rcs%2F6hjsNdq4a%2BSGO6gOR5A4kORLJck7pv4HtxK7OkzZNr%2BZL7M6h2j0mJ0QH4%2BpUmfJNLMPBp0gkUvp0HkrD6hoFldY29XbMCMLL6WaqA5pd%2FT67BRYqpHRHJJqkpgMd5AGLpfJjuL4nvCu3iCd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
cf-ray: 6d7d5c54ace768f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/turf/ 6 KB
7 KB 42ms
23ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turf/banner.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 919ed12832ec491b3071a92c26418defd5c24611f40f9edb4bacc1f6a072a73d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36927
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6335
last-modified: Thu, 03 Feb 2022 07:10:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv6qp6qaW00%2BtAeWfHfkSGWuWBV7Mz%2F1h1MbcjsiLXG4RZYGO9wAVYIsMm0M%2Fws%2BNhacQM0Sj%2FjLMLBL6glSrbq3shB2d91pgCxYhtHTCMZ2CJlTWvHrNhZNoC6KQkLQLoSZnzZOxIAMthBnp8ay"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 6d7d5c54acec68f8-FRA
expires: Sun, 06 Feb 2022 07:10:21 GMT

GET
H2

200

bestof.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain

https://img.root-top.com/topsite/willybill/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif

11 KB
12 KB

23ms
23ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 792021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11718
last-modified: Sun, 03 Dec 2017 22:24:33 GMT
server: cloudflare
etag: "5a2479a1-2dc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whuwqFdYdx0fCwrbCTMZQ0lBigzmvFtSzBgytT0C9Q%2BB6wTSdGWyIC%2BwaHMEgEx39Noe2Bi%2B78cvUjEZVmLHbuQaxoEcy4sPKHwWLKtzYLqnSCL0uvnA5WluTHFMrCdmAbwnOrfBFjG4Tn2Rg3Zo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d7d5c569ff9927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Thu, 03 Feb 2022 17:25:49 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV1QhDWixxAK7Xqsv9jbo6vPZOD4DTY44UoAASQYA%2FbHTikkupxVYer89RCOP78uQvIaFuaGgzEOM7gJtUmu5SOGhz8bdNoBgfNVMArkBYKaX0%2BH96nfcTKs%2FwlRCFKxRuEeJTfbRXV%2BhOq%2BqQ2Z"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
cf-ray: 6d7d5c54acee68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
cashsturf1.blogspot.com/js/ 6 KB
2 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cashsturf1.blogspot.com/js/cookienotice.js

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 09:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 07:53:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 09 Feb 2022 09:32:41 GMT

GET
H2 200 1596290430-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 178ms
177ms Script
text/javascript 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1596290430-widgets.js

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8687dc4e9499d7c7348ace8f698a38368c4333a833468c4042b691f966b6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57166
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 06:43:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 03 Feb 2023 17:25:48 GMT

GET
H2 200 widget.html Show response
turf-qualite.com/ Frame 57C4 2 KB
1 KB 431ms
77ms Document
text/html 2606:4700:3033::ac43:8d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turf-qualite.com/widget.html
Requested by: Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8d1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1805611df7b6c5d463a59299bd27300d3ebad7d424c3e1137fb7bf792c12584

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
content-type: text/html
last-modified: Thu, 20 Dec 2018 17:51:41 GMT
x-cache: Hit from cloudfront
via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: zC9LmA4Almy2icFXD4p0hxRwuWNnZCcDUmawb3bO7YCbtut8b7RiiQ==
age: 47666
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWn96iitVb%2Bc93C6m6GwS7nlLTFPIdbzT3aoHsGcoLNWVbAQIliCEAthSjRB%2Biqf4XIHvUJBxKqE0BtjUBeCoLVUI%2Bb6aOYPqrbH1Lm1cwhWYMGx1yIybK0oezpi8KAlFu44dO8TlJcGy3t7kL1g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d7d5c569bba9110-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Q4NA7GDUPBHUPBZHZR7YUAGHSA.jpg
1.bp.blogspot.com/-U_M8Ft4h83o/YLeUccGiCzI/AAAAAAAAABw/PdtTz4EiaeYeXdM323uCuYfUUtx_-aSwACK4BGAYYCw/w1600/ 122 KB
123 KB 128ms
78ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-U_M8Ft4h83o/YLeUccGiCzI/AAAAAAAAABw/PdtTz4EiaeYeXdM323uCuYfUUtx_-aSwACK4BGAYYCw/w1600/Q4NA7GDUPBHUPBZHZR7YUAGHSA.jpg

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d873f4d0554076a8a8f1213c81ed0b93c2944d8b3c01b9d7041752ef030e380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:08:46 GMT
x-content-type-options: nosniff
age: 4622
content-disposition: inline;filename="Q4NA7GDUPBHUPBZHZR7YUAGHSA.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125284
x-xss-protection: 0
server: fife
etag: "v1d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 04 Feb 2022 16:08:46 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
517 B 40ms
39ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:20:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 18:03:04 GMT
server: sffe
age: 536704
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 04 Feb 2022 12:20:44 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 40ms
39ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 00:15:01 GMT
x-content-type-options: nosniff
age: 61847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 16:50:57 GMT
server: sffe
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 10 Feb 2022 00:15:01 GMT

GET
H3 200 widget.css
turf-qualite.com/assets/ Frame 57C4 166 B
844 B 59ms
41ms Stylesheet
text/css 2606:4700:3033::ac43:8d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turf-qualite.com/assets/widget.css
Requested by: Host: turf-qualite.com
URL: https://turf-qualite.com/widget.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8d1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fadcc43ea6558093cd3de263aa67b2dd07eaf746a8bead4b16e1f6fd90330800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turf-qualite.com/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
via: 1.1 e3aaa12a3d6bdaeb78a7840f524b652c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DFW55-C3
cf-polished: origSize=170
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 20 Dec 2018 17:51:40 GMT
server: cloudflare
etag: W/"b8915fe6ca371da05d93dec62e1c2f4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeTDb1uxVLWUq3daNCqhv4yscYFcE9z75gFwA4GxRTnZPHopza32gUi6Pk434BD4YWNCZg74y3mwaXIv%2BUCc3rmDlDsthx6OROVIgJMlSYUBc%2B24yR9iTHIzFWt4%2Bzm9a1AWA%2FcYKqW00nF4mS6m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6d7d5c577a1c913c-FRA
x-amz-cf-id: 0U4-Ohzo7lrjAh35y3cTBpR1vsQ26Xf-a6YrraXsmpI1Ke2HYOfFPA==
cf-bgj: minify

GET
H3 200 turf-qualite.png
turf-qualite.com/assets/images/ Frame 57C4 14 KB
14 KB 49ms
32ms Image
image/png 2606:4700:3033::ac43:8d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turf-qualite.com/assets/images/turf-qualite.png
Requested by: Host: turf-qualite.com
URL: https://turf-qualite.com/widget.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8d1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e154396f73dcba3591a11672c7b94da029f1f19b2be9a245671861d7b7f6acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turf-qualite.com/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14114
last-modified: Thu, 20 Dec 2018 17:51:32 GMT
server: cloudflare
etag: "3f704f0e6f93f3e3d3df876adc67cc45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRrz5QL8DxWWT542gK%2BSDpfu%2FWb%2BcY%2Bsdo6owWtniqTo5VTfYP98JVKB4bbvRwOrBLMB42AXOYXolAvY%2FcmMWL3ql1l2%2FlmJYc0u7ZqMn8aw7sixic%2Fge9cB7YYcSE9kObJ2OPGssLMnoFNAwYrz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d7d5c577a1f913c-FRA
x-amz-cf-id: PnvPwDihGKw147TprXSxHRdUMkfW66vNeqlt0GL6iAgq0fMpOHRsGw==

GET
H3 200 email-decode.min.js Show response
turf-qualite.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 57C4 1 KB
1 KB 31ms
13ms Script
application/javascript 2606:4700:3033::ac43:8d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turf-qualite.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: turf-qualite.com
URL: https://turf-qualite.com/widget.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8d1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turf-qualite.com/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 10:01:18 GMT
server: cloudflare
etag: W/"61f26d6e-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E90edazaekc67LXctkgpphaILzjY6xroT7GkcV44Fug%2FRNrdyNjinM1bMJoCcjDqSiLTBlLfKxN3iVFXQOLHsWazgl6Tvn5FJ7HAj9N%2B7PDZnK756vvtiFs4OnEjeDprzNHJZB%2BxULgTgZ15zQdz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d7d5c577a22913c-FRA
vary: Accept-Encoding
expires: Sat, 05 Feb 2022 17:25:49 GMT

GET
H3 200 rocket-loader.min.js Show response
turf-qualite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 57C4 12 KB
4 KB 30ms
13ms Script
application/javascript 2606:4700:3033::ac43:8d1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turf-qualite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: turf-qualite.com
URL: https://turf-qualite.com/widget.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8d1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turf-qualite.com/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 17:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 10:01:18 GMT
server: cloudflare
etag: W/"61f26d6e-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIeZW3mw77r%2BI%2BGItgkfQLuaexU%2FLzIiUuZzRxG40CvvgIdj3DEWHtloLyb7rro2ndelOMQLTsR5onQPzfyRlDxxn1SgsJ3EUu%2F%2FIVyoIdVu%2FoT0O1o77y9Ez7IZugielDUplGBm5HhYJCMP5g6S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d7d5c577a16913c-FRA
vary: Accept-Encoding
expires: Sat, 05 Feb 2022 17:25:49 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 57C4 45 KB
17 KB 149ms
37ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: turf-qualite.com
URL: https://turf-qualite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://turf-qualite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1400
date: Thu, 03 Feb 2022 17:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 03 Feb 2022 19:02:29 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 144ms
144ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2292441758869005706&zx=7ae1252a-3b81-49f4-a206-7d42553af5de

Requested by

Host: cashsturf1.blogspot.com
URL: https://cashsturf1.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cashsturf1.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Feb 2022 17:25:49 GMT
server: GSE
date: Thu, 03 Feb 2022 17:25:49 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cashsturf1.blogspot.com
img.root-top.com
lh3.googleusercontent.com
lh6.googleusercontent.com
nsm09.casimages.com
resources.blogblog.com
ssl.google-analytics.com
turf-qualite.com
www.blogger.com
www.mega-turf.fr
2606:4700:3033::ac43:8d1e
2606:4700:3035::6815:449a
2606:4700:3038::6815:ea1a
2a00:1450:4001:802::2008
2a00:1450:4001:803::2009
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:82a::2001
91.121.164.142
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb
0fa6a8146167cfbe5801b1bf5a6354f7477e519d39ee72ffaec2aa7cb770abf2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e154396f73dcba3591a11672c7b94da029f1f19b2be9a245671861d7b7f6acf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bf90c8f45a393823c26028faa0dce111e645a59f4766318c779f1469d31345b
37c7686786ae03e3b6941b7df0c48cf18ae9d4933eac35db868937445b6284cb
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
416a7befa21621ce269290c68f3fdfa576e695880623b4a3e0f3aafec41295da
424fd4a807274b7eecfeaf863bd5c1cad058a74ce45413ca373ba4f7cb254abe
42d4aeb1b3821e1b774bbb88856ddb9f3306e6ea6fee133032fcfbfbbe2dc38f
48062375c676257e0da64bf751b95ed13ff9a7771a4ef89d17d72feb78d263a4
4a2df6d6b5be6bb5213d287695486b2a98d428ecdfe97e75d3d855063d53bd34
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
6c8d01aca1c5083c220330ddbe1cfa177ccbed6d9a90e4dacdcd08717a0a51bd
6d873f4d0554076a8a8f1213c81ed0b93c2944d8b3c01b9d7041752ef030e380
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf
919ed12832ec491b3071a92c26418defd5c24611f40f9edb4bacc1f6a072a73d
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c
a1805611df7b6c5d463a59299bd27300d3ebad7d424c3e1137fb7bf792c12584
a800064c3ae8f8086e1bff058ab3b73dbb80079845b9264e37cae4c95651a691
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
df1263ef7ec8f230e9b5f1a82d931e66b0cad618c55254e504eab112626e96f1
e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f8687dc4e9499d7c7348ace8f698a38368c4333a833468c4042b691f966b6909
fadcc43ea6558093cd3de263aa67b2dd07eaf746a8bead4b16e1f6fd90330800
fcec04992b1b7c68161f886cf6708c5a46c7c518392d425b37e7411713caad1d

cashsturf1.blogspot.com Open in urlscan Pro 2a00:1450:4001:810::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

84 %HTTPS

89 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

2840 kBTransfer

3063 kBSize

0 Cookies

52 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cashsturf1.blogspot.com Open in urlscan Pro
2a00:1450:4001:810::2001 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

84 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

2840 kB
Transfer

3063 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions