www.echo-turf.com Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Submission: On October 28 via manual (October 28th 2022, 3:18:33 am UTC) from BF — Scanned from DE

Summary HTTP 70 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 22 domains to perform 70 HTTP transactions. The main IP is 2a00:1450:4001:800::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.echo-turf.com.
TLS certificate: Issued by GTS CA 1D4 on September 25th 2022. Valid for: 3 months.

This is the only time www.echo-turf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbd9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 6	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1	94.23.48.119 94.23.48.119	16276 (OVH) (OVH)
11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2001:41d0:301... 2001:41d0:301::30	16276 (OVH) (OVH)
3	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8 9	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
70	23

2 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.echo-turf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:16::b856:fbd9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media.geny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3038::6815:ea1a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.top-pmu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.turfmagique.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.48.119 (France)

ASN16276 (OVH, FR)
PTR: ks206340.kimsufi.com

services.supportduweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301::30 (France)

ASN16276 (OVH, FR)

paris-turf.faciles.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:15de (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 8 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com 9 redirects apis.google.com — Cisco Umbrella Rank: 112 accounts.google.com — Cisco Umbrella Rank: 83 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	210 KB
11	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 75	70 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	209 KB
8	blogger.com 1 redirects www.blogger.com — Cisco Umbrella Rank: 8726	174 KB
6	root-top.com 3 redirects img.root-top.com	28 KB
5	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 12201 1.bp.blogspot.com — Cisco Umbrella Rank: 9487 2.bp.blogspot.com — Cisco Umbrella Rank: 12420	937 KB
3	gstatic.com fonts.gstatic.com	58 KB
3	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 16119	2 KB
3	pronostic-facile.fr www.pronostic-facile.fr	7 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	5 KB
2	top-pmu.com www.top-pmu.com	71 KB
2	echo-turf.com www.echo-turf.com	26 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8724	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	701 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1116	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	43 KB
1	faciles.ovh paris-turf.faciles.ovh	25 KB
1	turfmagique.fr www.turfmagique.fr	12 KB
1	supportduweb.com services.supportduweb.com	37 KB
1	geny.com media.geny.com	152 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
70	22

	Domain	Requested by
11	lh3.googleusercontent.com	www.echo-turf.com www.blogger.com
9	www.google.com	8 redirects tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.echo-turf.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.blogger.com	1 redirects www.echo-turf.com www.blogger.com apis.google.com
6	img.root-top.com	3 redirects www.echo-turf.com
6	apis.google.com	www.echo-turf.com apis.google.com www.blogger.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	www.echo-turf.com fonts.googleapis.com
3	resources.blogblog.com	www.echo-turf.com www.blogger.com
3	www.pronostic-facile.fr	www.echo-turf.com www.pronostic-facile.fr static.cloudflareinsights.com
3	4.bp.blogspot.com	www.echo-turf.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.top-pmu.com	www.echo-turf.com
2	www.echo-turf.com	www.echo-turf.com
1	www.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	www.pronostic-facile.fr
1	www.googletagmanager.com	www.pronostic-facile.fr
1	accounts.google.com	1 redirects
1	2.bp.blogspot.com	www.echo-turf.com
1	paris-turf.faciles.ovh	www.echo-turf.com
1	www.turfmagique.fr	www.echo-turf.com
1	services.supportduweb.com	www.echo-turf.com
1	1.bp.blogspot.com	www.echo-turf.com
1	media.geny.com	www.echo-turf.com
1	fonts.googleapis.com	www.echo-turf.com
70	28

This site contains links to these domains. Also see Links.

Domain
echoturf.blogspot.com
www.blogger.com
www.root-top.com
lexpertsdutierce.blogspot.com
lexpertsduquarte.blogspot.com
challengedugeny.blogspot.com
turfwinners1.blogspot.com
top-pronostic.blogspot.com
esaieturf.blogspot.com
rmc-prono.blogspot.com
armandeturf.blogspot.com
pacoturf-vip.blogspot.com
carnetgagnant-vip.blogspot.com
forceturf-vip.blogspot.com
letierceenor.blogspot.com
lapressehippique.blogspot.com
leveinardhippique.blogspot.com
www.supportduweb.com
www.turfmagique.fr
paris-turf.faciles.ovh

Subject Issuer	Validity	Valid
www.echo-turf.com GTS CA 1D4	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
media.geny.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
webestools.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
turfmagique.fr R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
visites.gratuites.ovh R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Frame ID: 84063653D18A4F73256FCE30CEFD58F7
Requests: 42 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1182036272920796749&blogName=ECHO+TURF&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.echo-turf.com/search&blogLocale=fr&v=2&homepageUrl=https://www.echo-turf.com/%3Fm%3D0&targetPostID=2740403714809953417&blogPostOrPageUrl=https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html%3Fm%3D0&vt=-4032839753909322163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: 66EA18AC07C3D763E618092985BE5F95
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https%3A%2F%2Fwww.echo-turf.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&bpli=1
Frame ID: F771698A43783D0AB735C18B7FCFD991
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: E58A465AA5CE1DFC681ECB7DC4C11691
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/pf/all
Frame ID: 78FF0077F9103545A288DA8D022822C7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5205559029734622&output=html&adk=1812271804&adf=3025194257&lmt=1666875440&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.echo-turf.com%2F2022%2F10%2Fmardi-25-octobre-2022_24.html%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666927108922&bpp=3&bdt=367&idt=166&shv=r20221026&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4629337539372&frm=20&pv=2&ga_vid=845074672.1666927109&ga_sid=1666927109&ga_hid=1908187678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C21066429%2C31070591%2C44774292%2C44775016&oid=2&pvsid=1966907632841585&tmod=1948274407&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
Frame ID: 4E22592959ADD717FE6E4C3303AB53D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F3A9D5E9E45AEB46496086EB625E05E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D5146D1328B825B70C01C9E29FBD9D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ECHO TURF: MARDI 25 OCTOBRE 2022

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

70
Requests

84 %
HTTPS

87 %
IPv6

22
Domains

28
Subdomains

23
IPs

3
Countries

2087 kB
Transfer

3075 kB
Size

4
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://echoturf.blogspot.com/p/liens.html
Title: Liens

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1182036272920796749&postID=2740403714809953417&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1182036272920796749&postID=2740403714809953417&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1182036272920796749&postID=2740403714809953417&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1182036272920796749&postID=2740403714809953417&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1182036272920796749&postID=2740403714809953417&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/livretdesgagneurs/in.php?ID=43

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/forceturf1/in.php?ID=111

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/starquinte/in.php?ID=198

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/meetingcourses/in.php?ID=173

Search URL Search Domain Scan URL

URL: https://lexpertsdutierce.blogspot.com/
Title: L'EXPERT DU TIERCE

Search URL Search Domain Scan URL

URL: https://lexpertsduquarte.blogspot.com/
Title: L'EXPERT DU QUARTE

Search URL Search Domain Scan URL

URL: https://challengedugeny.blogspot.com/
Title: CHALLENGE DU GENY

Search URL Search Domain Scan URL

URL: https://turfwinners1.blogspot.com/
Title: TURF WINNERS

Search URL Search Domain Scan URL

URL: https://top-pronostic.blogspot.com/
Title: TOP PRONOSTIC

Search URL Search Domain Scan URL

URL: https://esaieturf.blogspot.com/
Title: ESAIE TURF

Search URL Search Domain Scan URL

URL: https://rmc-prono.blogspot.com/
Title: RMC TURF

Search URL Search Domain Scan URL

URL: https://armandeturf.blogspot.com/
Title: ARMANDE TURF

Search URL Search Domain Scan URL

URL: https://pacoturf-vip.blogspot.com/
Title: PACOTURF

Search URL Search Domain Scan URL

URL: https://carnetgagnant-vip.blogspot.com/
Title: CARNETGAGNANT

Search URL Search Domain Scan URL

URL: https://forceturf-vip.blogspot.com/
Title: FORCETURF

Search URL Search Domain Scan URL

URL: https://letierceenor.blogspot.com/
Title: LE TIERCE EN OR

Search URL Search Domain Scan URL

URL: https://lapressehippique.blogspot.com/
Title: LA PRESSE HIPPIQUE

Search URL Search Domain Scan URL

URL: https://leveinardhippique.blogspot.com/
Title: LEVEINARD HIPPIQUE

Search URL Search Domain Scan URL

URL: https://www.supportduweb.com/compteur-global-gratuit-sans-inscription-live-pages-vues-visites.html

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/eurocourses011/in.php?ID=407

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/tophippique/in.php?ID=50

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/expertsprono/in.php?ID=12

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/

Search URL Search Domain Scan URL

URL: https://paris-turf.faciles.ovh/annuaire/in.php?id=26

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g1/titicourses/
Title: titicourses

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g1/zetopmagique/
Title: zetop-magique

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g1/pronocommissaire/
Title: commissaireprono

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g1/pronoduquarte/
Title: pronoduquarte

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g1/turfdejoie/
Title: turfdejoie

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g2/zeprono/
Title: zeprono

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g2/turfomania/
Title: turfomania

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g2/jegagneauxcourses/
Title: jegagneauxcourses

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g2/axielturf/
Title: axielturf

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g2/tiercecourses/
Title: tiercecourses

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g3/goldprono/
Title: goldprono

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g3/joliepronos/
Title: joliepronos

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g3/bruitdesvestieres/
Title: bruitdesvestieres

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g3/iciturf/
Title: ici-turf

Search URL Search Domain Scan URL

URL: https://www.turfmagique.fr/g3/gagnerauxcourses/
Title: gagnerauxcourses

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://img.root-top.com/topsite/livretdesgagneurs/banner.gif HTTP 302
https://www.top-pmu.com/img4/livretdesgagneurs.gif

Request Chain 10

https://img.root-top.com/topsite/meetingcourses/banner.gif HTTP 302
https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif

Request Chain 14

https://img.root-top.com/topsite/eurocourses011/banner.gif HTTP 302
https://www.top-pmu.com/img4/eurodescourses.gif

Request Chain 33

https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https://www.echo-turf.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1182036272920796749%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2740403714809953417%26origin%3Dhttps://www.echo-turf.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.de.xUkR-bAKkoQ.O/d%253D1/rs%253DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1182036272920796749%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2740403714809953417%26origin%3Dhttps://www.echo-turf.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.de.xUkR-bAKkoQ.O/d%253D1/rs%253DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/m%253D__features__%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https%3A%2F%2Fwww.echo-turf.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&bpli=1

Request Chain 55

https://www.google.com/s2/photos/public/AIbEiAIAAABECLm007mFg6aAogEiC3ZjYXJkX3Bob3RvKig0NjI3YzdlOTAyOTRjOGViOGQyZGE3ZmU3NDRjM2U3YjU0NjFhNzk1MAEkBgnAAuqKrU7LNQoASmq_wzM3cQ HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu8lldlsghf88svDQ6CS90cNOXIQ7dL3uxrvNjr0Tg=s96-p

Request Chain 56

https://www.google.com/s2/photos/public/AIbEiAIAAABECPGT6fTQlrGI-QEiC3ZjYXJkX3Bob3RvKihlN2QyMzRmZjMxMDliMGQ0ZjExMjRhMzJlOWQwNTVmZGQxM2FjNWY5MAFs8deeNIVzbukoeu9EU3e47xIOsg HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu9gJ4ng818fqdOVd-5aeAx98tgrxITVV6QwOLuf=s96-p

Request Chain 57

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKig3MjgwZmI3OTA1OGExZmQzZmFiM2EzOGIwOTNlMGUzMGNkNDM1MmZkMAEDTJkPSRHDqJYBhW9x8w2UF0RaOQ HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu_loJR8JRwP819wGcpb908IIPE15cAj5MaarGQGRQ=s96-p

Request Chain 58

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPac2JaSi6XVMCILdmNhcmRfcGhvdG8qKDAzZWY5MjgzODdmYWEwNTk2NzE1NWM5MjA5MTYxZTBhNTM5OTUyYjIwAeOMrubz7Z4h97ua-B3uwUhfxxlD HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu-eNbKvv97UGtdVzNfT-iNZ80_XxRp7CejVvukm_g=s96-p

Request Chain 59

https://www.google.com/s2/photos/public/AIbEiAIAAABECNbHtrq1uqG0sAEiC3ZjYXJkX3Bob3RvKig2ZjNmMWM4YTZlMmQ4Zjc3OTViZGE1OWJmZTdlYmExZGEzMmQ2NmFjMAEg33Ejb9Q3v6sOpDk1xAa27vrLKw HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu_rC74CqV5gG9ooKlx00qGwjv2dyOSvmeRPko9biA=s96-p

Request Chain 60

https://www.google.com/s2/photos/public/AIbEiAIAAABECMur1-L_1NGJ1gEiC3ZjYXJkX3Bob3RvKig3NjgzY2UwZTI4ZmJkZmIzZTFiMmI3OGVmNTkzYWEyZDUxZjAwYjA0MAFU0Hlr5TE3OwgAQoQpILhuinGB0Q HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu8gkAknrTapITdb4OSjEOCDNJuchK7B5x2P7jcZLg=s96-p

Request Chain 61

https://www.google.com/s2/photos/public/AIbEiAIAAABECNnc1c-97eTYnwEiC3ZjYXJkX3Bob3RvKig1MmE2ZTIyYWM0MWE3ZjU0MmE2NjVkZDgzMjk2MWVlNzg2MTFjNjUxMAESdhRFzUOvFFC_ptr73x1s62xSrg HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu9MVNPGELHGR75yVBf2YSwcpKp5djOjPbPDim-Vgw=s96-p

Request Chain 62

https://www.google.com/s2/photos/public/AIbEiAIAAABECMzbw-6F5bb3ygEiC3ZjYXJkX3Bob3RvKig0MGMxNmY1OTIzNTY5ZjI3ZTA1MGNjNTFiNmI2YzE0MTMzZDg3NDk3MAGX79FzIJIFwZjip102fFMbr4ER0Q HTTP 302
https://lh3.googleusercontent.com/a-/ACNPEu_zX-xiVsa9D_Uvh0O6SyGwXBS5IABnrx2nK7oktw=s96-p

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mardi-25-octobre-2022_24.html Show response
www.echo-turf.com/2022/10/ 64 KB
24 KB 406ms
311ms Document
text/html 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a25606b18fb7785ba6fd96e368eadc2cecc9249584fb50344ddc625bfed43db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 23897
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 03:18:28 GMT
etag: W/"f936b35843a0e9335b956ae84fcf8944506a4f1728533b76d5eac77b63b5d6b5"
expires: Fri, 28 Oct 2022 03:18:28 GMT
last-modified: Thu, 27 Oct 2022 12:57:20 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 180ms
14ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 07:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 27 Oct 2023 16:11:16 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 274ms
128ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1182036272920796749&zx=9a67d09e-bdad-433e-8913-755767f5fce4

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 03:18:28 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 142ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d2ac59fbf4ed2b13f437263845fd5c796215508daf3ff01221fc4fa3db20bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55025
x-xss-protection: 0
server: cafe
etag: 17851067126153406772
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:18:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 171ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Libre+Baskerville&family=Alfa+Slab+One&family=Archivo+Black&family=Ramabhadra

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b14397840941be365cc5c95c7d125ed45e37d356823610297e841afde72b00a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 03:18:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 03:18:28 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 167ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 03:18:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "475ae4105839918b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:18:28 GMT

GET
H2 200 ECHO.png
4.bp.blogspot.com/-C8NlXzSdtYs/X9Whzusyt4I/AAAAAAAAAKI/7fcBm5Ln5EwpJKPG9u2CNmT-Oh3meyA6ACK4BGAYYCw/s1600/ 337 KB
337 KB 127ms
48ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-C8NlXzSdtYs/X9Whzusyt4I/AAAAAAAAAKI/7fcBm5Ln5EwpJKPG9u2CNmT-Oh3meyA6ACK4BGAYYCw/s1600/ECHO.png

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4df2f76b3d8574bda8597099f4e4708e3f22373babc540887f6671c4d8676cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
server: fife
etag: "va3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ECHO.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345175
x-xss-protection: 0
expires: Sat, 29 Oct 2022 03:18:28 GMT

GET
H/1.1 200
OK prono_image_4160959.jpg
media.geny.com/web/image/prono/59/ 151 KB
152 KB 239ms
24ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbd9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.geny.com/web/image/prono/59/prono_image_4160959.jpg

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbd9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0862d19912088706872890e355b499579d444a7ad501a21d95ac74cb17de8439

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline', frame-ancestors https://.genybet.fr https://.genybet.biz
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline', frame-ancestors https://*.genybet.fr https://*.genybet.biz
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 30 Sep 2022 11:24:48 GMT
Server: nginx
Date: Fri, 28 Oct 2022 03:18:28 GMT
ETag: "6336d200-25d3b"
Content-Type: image/jpeg
Cache-Control: max-age=29232793
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154939
X-XSS-Protection: 1; mode=block
Expires: Sun, 01 Oct 2023 11:31:41 GMT

GET
H/1.1

200
OK

livretdesgagneurs.gif
www.top-pmu.com/img4/
Redirect Chain

https://img.root-top.com/topsite/livretdesgagneurs/banner.gif
https://www.top-pmu.com/img4/livretdesgagneurs.gif

37 KB
37 KB

130ms
18ms

Image
image/gif

194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-pmu.com/img4/livretdesgagneurs.gif

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

HTTP/1.1

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

d99ac8d6e6010751a0e67a59e60341b9d8d2eae68861e67a919cbdf664a4b270

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 03:18:29 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 09 Aug 2022 06:41:46 GMT
Server: Apache
ETag: "28edaf5-946d-5e5c939e43e80"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 37997

Redirect headers

date: Fri, 28 Oct 2022 03:18:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAc%2FrBquSRN3%2Ft22dwSvLBW2X4n7Enlxe2XEWx%2FNOlZtITpmegYi1U2bx%2FagLRmFbY%2F7y13aJodgoZoiqKJqWpy9Gl6SzDH5vSBlqo87SaUFmEQTZIWN7R%2FdW7AzwQxsaE0IaakwTLQ3VKI7r6jV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.top-pmu.com/img4/livretdesgagneurs.gif
cf-ray: 7610863dfb88bbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/forceturf1/ 12 KB
12 KB 76ms
20ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/forceturf1/banner.gif
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f7c083d2fcbbd10b9432bfcbd6ad05fcdb116233a1e95e872f0b6ed164593f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 11:11:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58031
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYhPqfI4RXdl3qS35wDTnpCr%2Bg24X6EwCzWkWy7jk%2BuQ1p7MHbclpZGKYe5Ni6UK67fhbw9Ia6O0UO8mIUvfaC1vUjN1BmROROAKweL3glXunmL6ijy%2FcRaxCTERjGbkTDLATQLzmGCR04BuLsx8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7610863dfb89bbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11973
expires: Sun, 30 Oct 2022 11:11:17 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/starquinte/ 12 KB
12 KB 76ms
21ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/starquinte/banner.gif
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21217e172e5a1117a7ac148662a5a330edfdc34f86e8a6d85f5bf7e049c41b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 08:41:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67035
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jl3ENS7xlisZ9TjMtqfRVhy5nDQ6EWNpnS4P4A3HqqilPplsqIFZhpLEqOcPkOZB5YRjgHT2%2BuqOMgZejos7lqWJmlbGZ2cqhI1%2F8o%2F7RxVSTbC%2FEMTIG9CucvYHlNslhnzM1km%2FZy%2B%2BixEr592"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7610863dfb8cbbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11844
expires: Sun, 30 Oct 2022 08:41:13 GMT

GET
H3

200

topsite_banner.gif
img.root-top.com/topsite/meetingcourses/
Redirect Chain

https://img.root-top.com/topsite/meetingcourses/banner.gif
https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif

3 KB
3 KB

62ms
38ms

Image
text/html

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae9c8283b6881053659b72208455056980b823207c054fe902ad7af62d63a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 08:03:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 933316
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSQgsBvr9vMDmhjJWq6tkJ8j3eKCBEMSpqAQUr7PHMcapsV7NjAbO26ysuFRaEkdIT3vytl7mAmctu1IxoIH45TAZYt3qzNN5Y%2FyE4pOvFJRkiG2LbH5G7BlbetdlOVM%2Bb2zVLKnhcTcXClcGgmH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=2678400
cf-ray: 7610863f18e2b761-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 08:03:12 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3YxY9UPIIhCHZVQ2ywW67IPkA4iR8djq35ABs59DoLxfUZqtnixHhZLjVEwRzy9O54QZvOfSLihTVJHuTRUYyHW%2B1TarR1W0juQdn3YKjT8LPiokJU8%2FYjVm3D1OM7ezOTOiEDivqDLd3bdERPF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
cf-ray: 7610863dfb8abbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 51ccnx6HD-L__SX260_.jpg
1.bp.blogspot.com/-_4N3fIW4mFE/X8-JjYvGToI/AAAAAAAAAJw/LAFdqq28qGQ1taVzoM6URa2zvWQpMadjgCK4BGAYYCw/s1600/ 22 KB
22 KB 73ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_4N3fIW4mFE/X8-JjYvGToI/AAAAAAAAAJw/LAFdqq28qGQ1taVzoM6URa2zvWQpMadjgCK4BGAYYCw/s1600/51ccnx6HD-L__SX260_.jpg

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c3141c4f5bd4baa8bd09b295fefe874a89b9a060d552319466f662be74302b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="51ccnx6HD-L__SX260_.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22162
x-xss-protection: 0
server: fife
etag: "v9d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 24 Oct 2022 08:11:05 GMT

GET
H2 200 grandsecret_bann_160x600.jpg
4.bp.blogspot.com/-zfA0zVRZ3R4/XxgyXV6gZgI/AAAAAAAAAHw/latE2luhBWEkKGD1LIXJCjgBuYu2KHIjgCK4BGAYYCw/s1600/ 35 KB
36 KB 66ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-zfA0zVRZ3R4/XxgyXV6gZgI/AAAAAAAAAHw/latE2luhBWEkKGD1LIXJCjgBuYu2KHIjgCK4BGAYYCw/s1600/grandsecret_bann_160x600.jpg

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

990ec4c3ed9292be7c07707b6ce55b9c4511e4f25b3c7974198d6682a8047e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="grandsecret_bann_160x600.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35945
x-xss-protection: 0
server: fife
etag: "v7d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:14:23 GMT

GET
H/1.1 200
OK 138264-25.png
services.supportduweb.com/cpt_global/ 37 KB
37 KB 136ms
64ms Image
image/png 94.23.48.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.supportduweb.com/cpt_global/138264-25.png
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.48.119 , France, ASN16276 (OVH, FR),
Reverse DNS: ks206340.kimsufi.com
Software: nginx/1.18.0 /
Resource Hash: ec4aaf9c8b0d63c7143187e8355d8972af2d8f5fcbc2bfced69baa83700b1689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png
Date: Fri, 28 Oct 2022 03:18:28 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

eurodescourses.gif
www.top-pmu.com/img4/
Redirect Chain

https://img.root-top.com/topsite/eurocourses011/banner.gif
https://www.top-pmu.com/img4/eurodescourses.gif

33 KB
33 KB

128ms
17ms

Image
image/gif

194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-pmu.com/img4/eurodescourses.gif

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

HTTP/1.1

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

656f1a9534379a5116f43d2fcd0c6f3600d7b32032bca94cdecfba997bf79d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 03:18:29 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 09 Aug 2022 06:41:29 GMT
Server: Apache
ETag: "28edaa4-83d6-5e5c938e0d840"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 33750

Redirect headers

date: Fri, 28 Oct 2022 03:18:28 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FLZU6JWChnEn%2FlaA0d96uklMTJeUQNTrKJHOB4icDgIUsiherV8cYDApIBl%2F8BxhY2kziigytWKyK9G%2BUEnjTqVup0OtX6RHeoDk%2Fb90wjm6%2FftzB5TL%2BGQkMaZMN3RI%2B52JGsS0J5ZTUPiM5sU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.top-pmu.com/img4/eurodescourses.gif
cf-ray: 7610863dfb87bbb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ANbyha1GNLWY5wz_84uT0BrvLYWl8xN4iaBPkE71FlHrdYhMvCKEzNUDo7EFLJt494xg4GIYubMvpxEQx1wr_DWiS897jXgE08YIMWvjF5UkoJAfktwG3_VQSD6x=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 8 KB
9 KB 61ms
22ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1GNLWY5wz_84uT0BrvLYWl8xN4iaBPkE71FlHrdYhMvCKEzNUDo7EFLJt494xg4GIYubMvpxEQx1wr_DWiS897jXgE08YIMWvjF5UkoJAfktwG3_VQSD6x=s0-d

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50ae281f2597c21a7bc262a8b3420aa5e76a63e6e670d007f4cc5fd779e02722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0
expires: Sat, 29 Oct 2022 03:18:28 GMT

GET
H2 200 ANbyha2tTKfzLFBHpbq044U8nxOUFM7Q8EjrsOdArBuErTZUt7o_XZ0XI46F1YzGZ9ORZfMCsBlsZ5qxxp-7CcQNwHLv7KAganocGQxHUCVI4iylCsCmVo7Gs3JIBA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 116ms
76ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2tTKfzLFBHpbq044U8nxOUFM7Q8EjrsOdArBuErTZUt7o_XZ0XI46F1YzGZ9ORZfMCsBlsZ5qxxp-7CcQNwHLv7KAganocGQxHUCVI4iylCsCmVo7Gs3JIBA=s0-d

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e4fe75a647035b5f28301dde35e931b434f6981cf2c4a5fc944a2de43aad7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2580
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo.gif
www.turfmagique.fr/img/ 12 KB
12 KB 145ms
24ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfmagique.fr/img/logo.gif

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

1de0da063aa64f4475fec8c07e348c54ea17f58f81f4dc7e23802ca38556c73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 03:18:28 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Wed, 20 Oct 2021 06:16:03 GMT
Server: Apache
ETag: "2611273-2f70-5cec2b66b0ec0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12144

GET
H2 200 TURF90.gif
paris-turf.faciles.ovh/annuaire/ 25 KB
25 KB 103ms
25ms Image
image/gif 2001:41d0:301::30
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paris-turf.faciles.ovh/annuaire/TURF90.gif
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::30 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7e126153266a02890822fe3a4442492ac6edee89166c330166f500c6e92b6e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
last-modified: Sat, 26 Feb 2022 16:44:13 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 25384
expires: Fri, 28 Oct 2022 03:33:28 GMT

GET
H2 200 anigifwestern.gif
2.bp.blogspot.com/-0UkRHv-QpBs/XttjZHrY_TI/AAAAAAAAAG0/iPfxlIiGnEMIvchFzP1vm5vxe4JCBqvTACK4BGAYYCw/s1600/ 525 KB
526 KB 69ms
29ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-0UkRHv-QpBs/XttjZHrY_TI/AAAAAAAAAG0/iPfxlIiGnEMIvchFzP1vm5vxe4JCBqvTACK4BGAYYCw/s1600/anigifwestern.gif

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f0dda45144637754c009fc1a179d034b739869d254bda0773351e0ef8de48ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="anigifwestern.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537764
x-xss-protection: 0
server: fife
etag: "v6f"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 24 Oct 2022 08:11:05 GMT

GET
H2 200 pf Show response
www.pronostic-facile.fr/widget/partner/script/ 239 B
820 B 192ms
79ms Script
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/pf
Requested by: Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88518a6eb401461a4de73806315ecb7292d347fcba058e8edd1470aa5349bbc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-runtime: 1
date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjaSQGxZup4BKbf%2FyfpX14N09ZrVS5LmO%2F5Kbs7Wy7sGvJbvfdhDfI82P4vUGtR0sj%2FiK4Pk9Aj5cKqj9zAG5aYFNSMzH0a6sKL931PxSJS7enkWELO%2BQDHEqeLMjM9EWCfQ01ShooTuuBKQKVU8zpidAaJmXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 7610863e69830c85-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
www.echo-turf.com/js/ 6 KB
2 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.echo-turf.com/js/cookienotice.js

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 22:52:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 04 Nov 2022 03:18:28 GMT

GET
H2 200 3415829940-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3415829940-widgets.js

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4587fe29c58b49ab5cf936bb62e29921f0abf7893fffb3797f21f6710e52f5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 02:04:14 GMT
x-content-type-options: nosniff
age: 90854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157725
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 14:52:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 27 Oct 2023 02:04:14 GMT

GET
H2 200 39052.gif
4.bp.blogspot.com/-zHvTZsALZm4/X9CM0mznmYI/AAAAAAAAAJ8/t0vTm8Jc2yMuHKCkOm9q7UmogP4oHBBPwCK4BGAYYCw/w1600/ 16 KB
16 KB 114ms
47ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-zHvTZsALZm4/X9CM0mznmYI/AAAAAAAAAJ8/t0vTm8Jc2yMuHKCkOm9q7UmogP4oHBBPwCK4BGAYYCw/w1600/39052.gif

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb5fdd0b590f716e8ce4ea6c329734d12857f77caa8133588cc6a451a9d144b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="39052.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16072
x-xss-protection: 0
server: fife
etag: "va0"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:57:01 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 174 KB
57 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cfe899c3ff0cb12781f8ccf4cb9113972368035466813a88fe00d76ffd47006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58122
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:39:51 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
547 B 53ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 02:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 02:18:50 GMT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fcf17268b0625134ffba2235b50c53d2fdc87a44e5289f8fcbae83ec10f735f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
542 B 63ms
13ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:57:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 19:17:05 GMT
server: sffe
age: 253272
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Nov 2022 04:57:16 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 14ms
13ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 12:16:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 14:51:46 GMT
server: sffe
age: 226932
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Nov 2022 12:16:16 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 53ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echo-turf.com/
Origin: https://www.echo-turf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 05:41:25 GMT
x-content-type-options: nosniff
age: 77823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 05:41:25 GMT

GET
H2 200 HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v17/ 18 KB
18 KB 69ms
30ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivoblack/v17/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Libre+Baskerville&family=Alfa+Slab+One&family=Archivo+Black&family=Ramabhadra

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.echo-turf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:56:20 GMT
x-content-type-options: nosniff
age: 274928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18604
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:56:20 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Libre+Baskerville&family=Alfa+Slab+One&family=Archivo+Black&family=Ramabhadra

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.echo-turf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:11:07 GMT
x-content-type-options: nosniff
age: 274041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 23:11:07 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 66EA 7 KB
3 KB 161ms
160ms Document
text/html 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1182036272920796749&blogName=ECHO+TURF&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.echo-turf.com/search&blogLocale=fr&v=2&homepageUrl=https://www.echo-turf.com/%3Fm%3D0&targetPostID=2740403714809953417&blogPostOrPageUrl=https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html%3Fm%3D0&vt=-4032839753909322163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a0bb8b4054c6f81fb7b87b92c1d265d04012af057031dfdb7eadd231376f64a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2633
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 03:18:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

followers.g Show response
www.blogger.com/ Frame F771
Redirect Chain

https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk...
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1182036272920796749%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OT...
https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk...

13 KB
3 KB

304ms
304ms

Document
text/html

2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https%3A%2F%2Fwww.echo-turf.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&bpli=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6074afaf17d8f5cc5330d80d69971aebedd40485f89af6f7ad1d2566273bc1c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 3283
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 03:18:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 482
content-security-policy: script-src 'report-sample' 'nonce-Rt6iSTEuOsoFiJ1wg1ygUg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
date: Fri, 28 Oct 2022 03:18:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https%3A%2F%2Fwww.echo-turf.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&bpli=1
pragma: no-cache
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 629ms
629ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1182036272920796749&zx=9a67d09e-bdad-433e-8913-755767f5fce4

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 03:18:29 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 354 KB
116 KB 96ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205559029734622&plah=www.echo-turf.com&bust=31070591

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f572d88d33d876a51fbbfc2a15c06d9f47086e477e43c2d31b47c140c966afb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119021
x-xss-protection: 0
server: cafe
etag: 7115806189520187989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:18:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame E58A 10 KB
5 KB 99ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:38:25 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 18:38:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/partner/pf/ Frame 78FF 16 KB
6 KB 79ms
44ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/pf/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/pf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38ee2f0d54dfc983265a8e59198026cc42fc8f84306d48f26c20c676ab16913

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7610863f386ab8f4-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Oct 2022 03:18:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZA2h4ujfwVH5U5kndBeicqrW0UhTmI8dold%2BlOruz5OH3hbhj15ptMsXwnbfMZWWEync%2B2v%2BOsXQFpulCllA5akKIa9AbqRjlxSOY8QCrChJtOGBgiZlPWeJqnwY5W7IzcSwyhPqvJjsxGAQd3drQRvK2iuwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 4

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 66EA 54 KB
21 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1182036272920796749&blogName=ECHO+TURF&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.echo-turf.com/search&blogLocale=fr&v=2&homepageUrl=https://www.echo-turf.com/%3Fm%3D0&targetPostID=2740403714809953417&blogPostOrPageUrl=https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html%3Fm%3D0&vt=-4032839753909322163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d15981e02e446c369d815fa786a121df7eed1dfda1688d303b47a0e976d353c3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 03:18:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20993
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "50145796f94f24e3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:18:29 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 66EA 907 B
930 B 20ms
20ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:54:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Oct 2022 23:50:42 GMT
server: sffe
age: 311036
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 31 Oct 2022 12:54:33 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 66EA 117 B
140 B 20ms
19ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 00:54:14 GMT
server: sffe
age: 110768
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 02 Nov 2022 20:32:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 78FF 109 KB
43 KB 64ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/pf/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50b8d724ab849153cb0d90cb42b3766c5d15356c41ac67ff27f61ebae668725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43559
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 03:18:29 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 78FF 17 KB
6 KB 93ms
66ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/pf/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7610863fbc22925c-FRA

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ Frame 66EA 128 KB
42 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42685
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:39:52 GMT

GET
DATA 200
OK truncated
/ Frame 78FF 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
701 B 106ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.echo-turf.com&callback=_gfp_s_&client=ca-pub-5205559029734622&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205559029734622&plah=www.echo-turf.com&bust=31070591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f4224f1b36c2e9c135a71888cbb94afab714df34fa4c54a4155f8e8c83eab51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 80ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.echo-turf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 75ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.echo-turf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.echo-turf.com%2F2022%2F10%2Fmardi-25-octobre-2022_24.html%3Fm%3D0&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.echo-turf.com
URL: https://www.echo-turf.com/2022/10/mardi-25-octobre-2022_24.html?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E22 603 B
68 B 68ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5205559029734622&output=html&adk=1812271804&adf=3025194257&lmt=1666875440&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.echo-turf.com%2F2022%2F10%2Fmardi-25-octobre-2022_24.html%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666927108922&bpp=3&bdt=367&idt=166&shv=r20221026&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4629337539372&frm=20&pv=2&ga_vid=845074672.1666927109&ga_sid=1666927109&ga_hid=1908187678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C21066429%2C31070591%2C44774292%2C44775016&oid=2&pvsid=1966907632841585&tmod=1948274407&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 03:18:29 GMT
expires: Fri, 28 Oct 2022 03:18:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 78FF 49 KB
20 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 03:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 991
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 05:01:58 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame 78FF 0
147 B 17ms
17ms XHR
text/plain 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/pf/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Oct 2022 03:18:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 76108640a9fab8f4-AMS

GET
H3 200 platform.js Show response
apis.google.com/js/ Frame F771 54 KB
21 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=1182036272920796749&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByM5OTk5OTkqByNmZmZmZmYyByMzM2FhZmY6ByMyMjIyMjJCByM5OTk5OTlKByM5OTk5OTlSByM5OTk5OTlaC3RyYW5zcGFyZW50&pageSize=21&postID=2740403714809953417&origin=https%3A%2F%2Fwww.echo-turf.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 03:18:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "475ae4105839918b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:18:29 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ Frame F771 128 KB
42 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42685
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:38:03 GMT

GET
H3 200 default-user=s45-c
lh3.googleusercontent.com/a/ Frame F771 316 B
341 B 43ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/default-user=s45-c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 23:47:42 GMT
x-content-type-options: nosniff
age: 12647
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 22 Oct 2022 07:46:28 GMT

GET
H3

200

ACNPEu8lldlsghf88svDQ6CS90cNOXIQ7dL3uxrvNjr0Tg=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECLm007mFg6aAogEiC3ZjYXJkX3Bob3RvKig0NjI3YzdlOTAyOTRjOGViOGQyZGE3ZmU3NDRjM2U3YjU0NjFhNzk1MAEkBgnAAuqKrU7LNQoASmq_wzM3cQ
https://lh3.googleusercontent.com/a-/ACNPEu8lldlsghf88svDQ6CS90cNOXIQ7dL3uxrvNjr0Tg=s96-p

7 KB
7 KB

28ms
27ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu8lldlsghf88svDQ6CS90cNOXIQ7dL3uxrvNjr0Tg=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

688283ca32c580173b5e09505e7bd90d89456bd579a873b8db897afc852e6218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7059
x-xss-protection: 0
server: fife
etag: "v178"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 14:12:52 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-zv2pMRjumyIHWRKSUnZeQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu8lldlsghf88svDQ6CS90cNOXIQ7dL3uxrvNjr0Tg=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu9gJ4ng818fqdOVd-5aeAx98tgrxITVV6QwOLuf=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECPGT6fTQlrGI-QEiC3ZjYXJkX3Bob3RvKihlN2QyMzRmZjMxMDliMGQ0ZjExMjRhMzJlOWQwNTVmZGQxM2FjNWY5MAFs8deeNIVzbukoeu9EU3e47xIOsg
https://lh3.googleusercontent.com/a-/ACNPEu9gJ4ng818fqdOVd-5aeAx98tgrxITVV6QwOLuf=s96-p

7 KB
7 KB

43ms
43ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu9gJ4ng818fqdOVd-5aeAx98tgrxITVV6QwOLuf=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2990d01ae49ccc36082eb64b9cad3e7cf69900d691d5f8c3a8f8ccd502827f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7521
x-xss-protection: 0
server: fife
etag: "v28f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:57:11 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'report-sample' 'nonce-DwTFSPKIFSLYboDSv7Y8fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu9gJ4ng818fqdOVd-5aeAx98tgrxITVV6QwOLuf=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu_loJR8JRwP819wGcpb908IIPE15cAj5MaarGQGRQ=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECLGBg6eEuuqR8gEiC3ZjYXJkX3Bob3RvKig3MjgwZmI3OTA1OGExZmQzZmFiM2EzOGIwOTNlMGUzMGNkNDM1MmZkMAEDTJkPSRHDqJYBhW9x8w2UF0RaOQ
https://lh3.googleusercontent.com/a-/ACNPEu_loJR8JRwP819wGcpb908IIPE15cAj5MaarGQGRQ=s96-p

5 KB
5 KB

41ms
39ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu_loJR8JRwP819wGcpb908IIPE15cAj5MaarGQGRQ=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

198a6a9ad7bc17bafcf52300559b557cd8818f4c306a276fda65e4c964fdb1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4772
x-xss-protection: 0
server: fife
etag: "v1b4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 08 Oct 2022 07:24:52 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-7RjbOyEY84KKq6nTfl6RyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu_loJR8JRwP819wGcpb908IIPE15cAj5MaarGQGRQ=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu-eNbKvv97UGtdVzNfT-iNZ80_XxRp7CejVvukm_g=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPac2JaSi6XVMCILdmNhcmRfcGhvdG8qKDAzZWY5MjgzODdmYWEwNTk2NzE1NWM5MjA5MTYxZTBhNTM5OTUyYjIwAeOMrubz7Z4h97ua-B3uwUhfxxlD
https://lh3.googleusercontent.com/a-/ACNPEu-eNbKvv97UGtdVzNfT-iNZ80_XxRp7CejVvukm_g=s96-p

5 KB
5 KB

31ms
30ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu-eNbKvv97UGtdVzNfT-iNZ80_XxRp7CejVvukm_g=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9dce2df5ae54eccd9237ab00634f392660973e8a711f25ed1d03b94d097da18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4676
x-xss-protection: 0
server: fife
etag: "v2a0a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:57:11 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-L3nfm3nue3IdjSWVz6NXMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu-eNbKvv97UGtdVzNfT-iNZ80_XxRp7CejVvukm_g=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu_rC74CqV5gG9ooKlx00qGwjv2dyOSvmeRPko9biA=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECNbHtrq1uqG0sAEiC3ZjYXJkX3Bob3RvKig2ZjNmMWM4YTZlMmQ4Zjc3OTViZGE1OWJmZTdlYmExZGEzMmQ2NmFjMAEg33Ejb9Q3v6sOpDk1xAa27vrLKw
https://lh3.googleusercontent.com/a-/ACNPEu_rC74CqV5gG9ooKlx00qGwjv2dyOSvmeRPko9biA=s96-p

8 KB
8 KB

30ms
29ms

Image
image/gif

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu_rC74CqV5gG9ooKlx00qGwjv2dyOSvmeRPko9biA=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5b775acbbae930da6562d045f1496e779e638c128dc5bf4a63069af16815ef1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8111
x-xss-protection: 0
server: fife
etag: "v123"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Oct 2022 19:55:59 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-x8tmZeFOS7Y3T4OS2WcMUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu_rC74CqV5gG9ooKlx00qGwjv2dyOSvmeRPko9biA=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu8gkAknrTapITdb4OSjEOCDNJuchK7B5x2P7jcZLg=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMur1-L_1NGJ1gEiC3ZjYXJkX3Bob3RvKig3NjgzY2UwZTI4ZmJkZmIzZTFiMmI3OGVmNTkzYWEyZDUxZjAwYjA0MAFU0Hlr5TE3OwgAQoQpILhuinGB0Q
https://lh3.googleusercontent.com/a-/ACNPEu8gkAknrTapITdb4OSjEOCDNJuchK7B5x2P7jcZLg=s96-p

4 KB
4 KB

34ms
32ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu8gkAknrTapITdb4OSjEOCDNJuchK7B5x2P7jcZLg=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5421fe92ba49bd6cf1ca4c36331ec4f5df53c0adfe895e52578eb1543ef3967c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3937
x-xss-protection: 0
server: fife
etag: "v137c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:57:11 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-t-ygEXW85HnaThT3i-Zm7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu8gkAknrTapITdb4OSjEOCDNJuchK7B5x2P7jcZLg=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu9MVNPGELHGR75yVBf2YSwcpKp5djOjPbPDim-Vgw=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECNnc1c-97eTYnwEiC3ZjYXJkX3Bob3RvKig1MmE2ZTIyYWM0MWE3ZjU0MmE2NjVkZDgzMjk2MWVlNzg2MTFjNjUxMAESdhRFzUOvFFC_ptr73x1s62xSrg
https://lh3.googleusercontent.com/a-/ACNPEu9MVNPGELHGR75yVBf2YSwcpKp5djOjPbPDim-Vgw=s96-p

5 KB
5 KB

42ms
42ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu9MVNPGELHGR75yVBf2YSwcpKp5djOjPbPDim-Vgw=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4254b361dec29bb8405dfe941007320054bccb98a80f5ec72e8ae78d1a3fe347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4952
x-xss-protection: 0
server: fife
etag: "vf2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Oct 2022 19:54:14 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-GGXP71o0rn-uAjMsW85V1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu9MVNPGELHGR75yVBf2YSwcpKp5djOjPbPDim-Vgw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ACNPEu_zX-xiVsa9D_Uvh0O6SyGwXBS5IABnrx2nK7oktw=s96-p
lh3.googleusercontent.com/a-/ Frame F771
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMzbw-6F5bb3ygEiC3ZjYXJkX3Bob3RvKig0MGMxNmY1OTIzNTY5ZjI3ZTA1MGNjNTFiNmI2YzE0MTMzZDg3NDk3MAGX79FzIJIFwZjip102fFMbr4ER0Q
https://lh3.googleusercontent.com/a-/ACNPEu_zX-xiVsa9D_Uvh0O6SyGwXBS5IABnrx2nK7oktw=s96-p

18 KB
18 KB

36ms
35ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ACNPEu_zX-xiVsa9D_Uvh0O6SyGwXBS5IABnrx2nK7oktw=s96-p

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0698115933e76bd97f93f96a679df72c99b7fb2dd4165584cb17a783559fe4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v3193"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18308
x-xss-protection: 0
expires: Sat, 29 Oct 2022 03:18:30 GMT

Redirect headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-tDe4LzjM1fW4LsiexcIAKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/ACNPEu_zX-xiVsa9D_Uvh0O6SyGwXBS5IABnrx2nK7oktw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
31ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0fb949868ac7ad0fbd89e7f1ba6da32133653afb5373bb46f599d1c11bebc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11276
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 03:18:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F3A 13 KB
5 KB 44ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:37:33 GMT
expires: Fri, 27 Oct 2023 18:37:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D51 783 B
534 B 57ms
24ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df41390ba20c52308007cfa881fc6f16f82174ee17e426023d254b1407841197

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hek-vZd6I6pya4coOmzHKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.echo-turf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hek-vZd6I6pya4coOmzHKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 03:18:30 GMT
expires: Fri, 28 Oct 2022 03:18:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F3A 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D51 0
0 48ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=1966907632841585&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F3A 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sEEvuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:18:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=1966907632841585&bg=!3d6l3prNAAZPh4lnb4c7ACkAdvg8WisbK9XqVN5_fJazpGOmWk_1CONIpGVTCm_qFR5XCWQM5a9JCAIAAABTUgAAAARoAQcKAIrBkuuzjea0vApne2026SKnTpJ9XaknuZn6FN42wlBAtHEQ-dUvpPyO718E55CaSutnffNOUZ4idRYeyk2zUn-qHaUKevr6iRNnF4XC4XkrktICXh-_SnpjJgYNAD2R6iJqSBMxIQMWgiMKS1O0PvyFO4j6nD_lk8VwEU9OwuPOnpR-A0BTdn1qrgqZAqHG0ZQRFo64qxoSXySHODOYXHVWwDXAKp2oh8KwimCkHiH9SlN7wc0IpYDZ5O1s0CjT6rcjIGGEfKx7GFb2DwZdm2f3hh0yKWgzge-6LPnfquqO6fOyiRQQrJUa7V72wjuSOmiL5PaZcMVxgAfgW0e_difUND4vIcdYmEyy_zEn8BH6DdmtfrhJpPgxFcVEpvRoxXjdz5EmQUepxKJ_-vQ00Tf_k3S2dPyjWhotmEY8QL1wQSd3Od80pEQVpm77e4tBE9OMddmbo1umZ0NTDCizCinC0K_h9OSYsKYOfMDMyuQkvOrsGb8nygIPs_m8HWbcdSqY7t0Tkf0MXeVLLBlg2qLafUGejRwG-Bn9a2Dk5bc4X2IdQ4VPHkHCEvXWP21RZnTczXnTDTYa0-DKXBKGAvzl9IusakOP8Z2mD8rJx7cQcBZcUTDA2cuDrvwkOz2cnur-9JOxvKZJ-Tu5K-N9Pab9BdAGvBKdwnVK5Cyu1yUuXYvYBpykJ8GtE8KHXMKwCVd4BP4TSXdKPK5QFQAx-epSAmax9_D3McAemuO0wH65g9VMXl1p0YX4WD9YsC7Lxao7sdOYKe_t7xpcpg194VDiXOIzRz-1x1ExLcZ0KlJUjLHQpZW-NNgQADD7YJstmqA2mh-qVS2p6Ow1y7Nctnjd2OYcRX4S6gL0FIJYnefVgIe-WeQWooV_cyN3aTWvI1SEJVtTgIsgot-GeEzuRwT-Vp0XzwfomHpyQDFGLYETuoVpS_9ju8bdc5nghaP7RLLNDhIlvfI5AcJ8YDmSU-znvO-mt5dDJ7QPu9IeAqlaJCg0xUij41Ru-5L5v-zk3sb7hHzH2FAX61dY0p5GvbNTIVBk0WjRIk7sdvwX2Qhxw_BfWdSSObvMqbdMit65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.echo-turf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 07:02:08	Name: test_cookie Value: CheckForPermission
.echo-turf.com/	1970-01-20 16:23:43	Name: __gads Value: ID=253333b3d3d4853e-225da5dd58ce00d0:T=1666927109:RT=1666927109:S=ALNI_MZ1yyBjiF4qBOpKs_X1J-MoW1DkxA
.echo-turf.com/	1970-01-20 16:23:43	Name: __gpi Value: UID=00000b7968e01b92:T=1666927109:RT=1666927109:S=ALNI_Ma2zHZB-tiRpCLUbPFFuuvCzGVTYw
.google.com/	1970-01-20 11:25:38	Name: NID Value: 511=ByYCWYJEDSSZXQENbdDxSMAXnPyQXTWHCi5NP61cJ8x2INu_NErwsBaDwZ1uBtO84U9SAfHsbF1NKXbyymheCURuhLxpNdawkFp0mu8O_vpMU2nuUmpLikXqiyok3lEBhOFA2B_WqwmMbsvIH23_MuRPweY3CbGosXNMghpKFd4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.root-top.com
lh3.googleusercontent.com
media.geny.com
pagead2.googlesyndication.com
paris-turf.faciles.ovh
partner.googleadservices.com
resources.blogblog.com
services.supportduweb.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.blogger.com
www.echo-turf.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.pronostic-facile.fr
www.top-pmu.com
www.turfmagique.fr
142.250.181.226
194.150.236.236
2001:41d0:301::30
2606:4700:3034::6815:15de
2606:4700:3038::6815:ea1a
2606:4700::6810:3965
2a00:1450:4001:800::2013
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2008
2a00:1450:4001:829::2009
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200d
2a02:26f0:1700:16::b856:fbd9
94.23.48.119
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0862d19912088706872890e355b499579d444a7ad501a21d95ac74cb17de8439
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
198a6a9ad7bc17bafcf52300559b557cd8818f4c306a276fda65e4c964fdb1f9
1de0da063aa64f4475fec8c07e348c54ea17f58f81f4dc7e23802ca38556c73c
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2990d01ae49ccc36082eb64b9cad3e7cf69900d691d5f8c3a8f8ccd502827f88
2a0bb8b4054c6f81fb7b87b92c1d265d04012af057031dfdb7eadd231376f64a
2c3141c4f5bd4baa8bd09b295fefe874a89b9a060d552319466f662be74302b8
2cfe899c3ff0cb12781f8ccf4cb9113972368035466813a88fe00d76ffd47006
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3e4fe75a647035b5f28301dde35e931b434f6981cf2c4a5fc944a2de43aad7c7
4254b361dec29bb8405dfe941007320054bccb98a80f5ec72e8ae78d1a3fe347
4587fe29c58b49ab5cf936bb62e29921f0abf7893fffb3797f21f6710e52f5d7
4d2ac59fbf4ed2b13f437263845fd5c796215508daf3ff01221fc4fa3db20bb8
4df2f76b3d8574bda8597099f4e4708e3f22373babc540887f6671c4d8676cb5
50ae281f2597c21a7bc262a8b3420aa5e76a63e6e670d007f4cc5fd779e02722
50b8d724ab849153cb0d90cb42b3766c5d15356c41ac67ff27f61ebae668725d
5421fe92ba49bd6cf1ca4c36331ec4f5df53c0adfe895e52578eb1543ef3967c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b775acbbae930da6562d045f1496e779e638c128dc5bf4a63069af16815ef1b
6074afaf17d8f5cc5330d80d69971aebedd40485f89af6f7ad1d2566273bc1c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656f1a9534379a5116f43d2fcd0c6f3600d7b32032bca94cdecfba997bf79d0e
688283ca32c580173b5e09505e7bd90d89456bd579a873b8db897afc852e6218
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7e126153266a02890822fe3a4442492ac6edee89166c330166f500c6e92b6e9a
88518a6eb401461a4de73806315ecb7292d347fcba058e8edd1470aa5349bbc1
8df3eed16af13a1c0a7c76240a20329f23ddd2efe0109fed0d6a08c68d68f4a0
990ec4c3ed9292be7c07707b6ce55b9c4511e4f25b3c7974198d6682a8047e1d
9ae9c8283b6881053659b72208455056980b823207c054fe902ad7af62d63a88
9dce2df5ae54eccd9237ab00634f392660973e8a711f25ed1d03b94d097da18d
9fcf17268b0625134ffba2235b50c53d2fdc87a44e5289f8fcbae83ec10f735f
a25606b18fb7785ba6fd96e368eadc2cecc9249584fb50344ddc625bfed43db5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae21217e172e5a1117a7ac148662a5a330edfdc34f86e8a6d85f5bf7e049c41b
b14397840941be365cc5c95c7d125ed45e37d356823610297e841afde72b00a4
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d15981e02e446c369d815fa786a121df7eed1dfda1688d303b47a0e976d353c3
d7f7c083d2fcbbd10b9432bfcbd6ad05fcdb116233a1e95e872f0b6ed164593f
d99ac8d6e6010751a0e67a59e60341b9d8d2eae68861e67a919cbdf664a4b270
dd0fb949868ac7ad0fbd89e7f1ba6da32133653afb5373bb46f599d1c11bebc5
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
df41390ba20c52308007cfa881fc6f16f82174ee17e426023d254b1407841197
e0698115933e76bd97f93f96a679df72c99b7fb2dd4165584cb17a783559fe4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5fdd0b590f716e8ce4ea6c329734d12857f77caa8133588cc6a451a9d144b3
ec4aaf9c8b0d63c7143187e8355d8972af2d8f5fcbc2bfced69baa83700b1689
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f0dda45144637754c009fc1a179d034b739869d254bda0773351e0ef8de48ab1
f38ee2f0d54dfc983265a8e59198026cc42fc8f84306d48f26c20c676ab16913
f4224f1b36c2e9c135a71888cbb94afab714df34fa4c54a4155f8e8c83eab51b
f572d88d33d876a51fbbfc2a15c06d9f47086e477e43c2d31b47c140c966afb7
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

www.echo-turf.com Open in urlscan Pro 2a00:1450:4001:800::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

84 %HTTPS

87 %IPv6

22 Domains

28 Subdomains

23 IPs

3 Countries

2087 kBTransfer

3075 kBSize

4 Cookies

47 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.echo-turf.com Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

84 %
HTTPS

87 %
IPv6

22
Domains

28
Subdomains

23
IPs

3
Countries

2087 kB
Transfer

3075 kB
Size

4
Cookies

70 HTTP transactions
2 data transactions