urlscan.io logo urlscan.io
SecurityTrails logo

gainsprono.blogspot.com Open in urlscan Pro
2a00:1450:400d:807::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://gainsprono.blogspot.com/?m=0
Submission: On December 29 via manual from BF — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 57 HTTP transactions. The main IP is 2a00:1450:400d:807::2001, located in Ireland and belongs to GOOGLE, US. The main domain is gainsprono.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on November 28th 2022. Valid for: 3 months.
This is the only time gainsprono.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
gainsprono.blogspot.com
5    2a00:1450:400d:804::2009 (Ireland)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
4    2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
1.bp.blogspot.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ci4.googleusercontent.com
14    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    46.105.204.2 (France)

ASN16276 (OVH, FR)
PTR: cluster002.hosting.cdn.ovh.net
topturf.fr
5    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    178.33.10.30 (Bourg-les-Valence, France)

ASN16276 (OVH, FR)
PTR: ip30.ip-178-33-10.eu
www.top-france.com
1    2606:4700:3035::ac43:c4a5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mega-turf.fr
1    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.top-pmu.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 googleusercontent.com
ci4.googleusercontent.com — Cisco Umbrella Rank: 1255
lh3.googleusercontent.com — Cisco Umbrella Rank: 181
208 KB
6 blogspot.com
gainsprono.blogspot.com
2.bp.blogspot.com — Cisco Umbrella Rank: 13930
1.bp.blogspot.com — Cisco Umbrella Rank: 9836
270 KB
5 root-top.com
img.root-top.com
15 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 6833
64 KB
3 allopass.com
payment.allopass.com
10 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
87 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 14712
542 B
1 top-pmu.com
www.top-pmu.com
33 KB
1 mega-turf.fr
www.mega-turf.fr
1 top-france.com
www.top-france.com
1 topturf.fr
topturf.fr
619 B
0 ajoutezvotrelien.com Failed
www.ajoutezvotrelien.com Failed
0 blog4ever.com Failed
static.blog4ever.com Failed
0 raffinturf.com Failed
www.raffinturf.com Failed
57 16
Domain Requested by
14 lh3.googleusercontent.com gainsprono.blogspot.com
5 img.root-top.com 3 redirects gainsprono.blogspot.com
4 www.google-analytics.com gainsprono.blogspot.com
www.google-analytics.com
4 www.blogger.com gainsprono.blogspot.com
3 1.bp.blogspot.com gainsprono.blogspot.com
3 payment.allopass.com gainsprono.blogspot.com
payment.allopass.com
2 fonts.gstatic.com gainsprono.blogspot.com
2 www.googletagmanager.com gainsprono.blogspot.com
payment.allopass.com
2 gainsprono.blogspot.com gainsprono.blogspot.com
1 resources.blogblog.com gainsprono.blogspot.com
1 www.top-pmu.com gainsprono.blogspot.com
1 www.mega-turf.fr gainsprono.blogspot.com
1 www.top-france.com gainsprono.blogspot.com
1 topturf.fr gainsprono.blogspot.com
1 ci4.googleusercontent.com gainsprono.blogspot.com
1 2.bp.blogspot.com gainsprono.blogspot.com
0 www.ajoutezvotrelien.com Failed gainsprono.blogspot.com
0 static.blog4ever.com Failed gainsprono.blogspot.com
0 www.raffinturf.com Failed gainsprono.blogspot.com
57 19
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-07 -
2023-10-07		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
topturf.fr
R3		 2022-11-07 -
2023-02-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
top-france.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gainsprono.blogspot.com/?m=0
Frame ID: 855F51A71E030A022F230ED667FA556C
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pronostic PMU payantGAINS PRONO

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

57
Requests

70 %
HTTPS

71 %
IPv6

16
Domains

19
Subdomains

15
IPs

4
Countries

738 kB
Transfer

1188 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Request Chain 38
  • https://img.root-top.com/topsite/gagnerauquinte2021/banner.gif HTTP 302
  • https://1.bp.blogspot.com/-AjxOIIw0a1k/YadfQsnh_3I/AAAAAAAAAMk/SuyCM_KDxcYQDQrVSdzluZxzkHU8OPEDwCLcBGAsYHQ/s120/gagnezauquinte1.gif
Request Chain 39
  • https://img.root-top.com/topsite/eurocourses011/banner.gif HTTP 302
  • https://www.top-pmu.com/img4/eurodescourses.gif

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gainsprono.blogspot.com/ 		161 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c9250ef339624dd9471b9eb4178452753aa31a7a92cd25d39ae005894d22791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
17409
content-type
text/html; charset=UTF-8
date
Thu, 29 Dec 2022 15:24:53 GMT
etag
W/"7fcbb15dbb8da124e4cbf53884968496bc1ca513db28536e04b17b651ff45d9f"
expires
Thu, 29 Dec 2022 15:24:53 GMT
last-modified
Thu, 29 Dec 2022 13:37:53 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 09:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Wed, 28 Dec 2022 04:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 28 Dec 2023 09:16:06 GMT
gainprono.png
2.bp.blogspot.com/-vfEM4sGIvoI/YDTg8-AARnI/AAAAAAAAARU/iTTCcmgekrgpkr9I20Iy7TQFp_BA4edVACK4BGAYYCw/s1600/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-vfEM4sGIvoI/YDTg8-AARnI/AAAAAAAAARU/iTTCcmgekrgpkr9I20Iy7TQFp_BA4edVACK4BGAYYCw/s1600/gainprono.png
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
be8d45aa0c01f89039d2dfec6d79f51c2f9bcc3aa69f30b2e24d527c3258ccff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v116"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="gainprono.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190132
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:53 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186974159-1
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba8a03ab05a62b7225e6f17dde12daf2366983ef712b065da1fe85305a46e420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43582
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Dec 2022 15:24:54 GMT
checkout.apu
payment.allopass.com/buy/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=350991&idd=1534310&lang=fr
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8be7d530c31dd2b2f2e6cd9e46a8cfd0883526cd6d001cdd755d6b553508d06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Dec 2022 15:24:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2960
Expires
Thu, 19 Nov 1981 08:52:00 GMT
CWYwWXs0LbkRXWqAkjS7Z0Q_kniBWXT3OPm5ngfIW9CkBn3bGBsHFKVJ4fJXqkPLqdaBy42SWRkFaQ7Fq3pMBiNa0jtkqjIALUxwxIkhUA=s0-d-e1-ft
ci4.googleusercontent.com/proxy/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci4.googleusercontent.com/proxy/CWYwWXs0LbkRXWqAkjS7Z0Q_kniBWXT3OPm5ngfIW9CkBn3bGBsHFKVJ4fJXqkPLqdaBy42SWRkFaQ7Fq3pMBiNa0jtkqjIALUxwxIkhUA=s0-d-e1-ft
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3b3efe1b07f6749e38c1d5e50c8395d365c4f96825dbeb43992ce0163310bda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 11:41:18 GMT
x-content-type-options
nosniff
age
13416
cross-origin-resource-policy
cross-origin
content-disposition
attachment;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61010
x-xss-protection
0
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 20 Dec 2023 08:20:48 GMT
parisur.gif
www.raffinturf.com/img3/ 		0
0
gainprono.gif
www.raffinturf.com/img3/ 		0
0
pronogaranti.gif
www.raffinturf.com/img3/ 		0
0
rdvturf.gif
www.raffinturf.com/img3/ 		0
0
selecturf.gif
www.raffinturf.com/img3/ 		0
0
surfhippique.gif
www.raffinturf.com/img3/ 		0
0
turfroger.gif
www.raffinturf.com/img3/ 		0
0
cevaier.gif
www.raffinturf.com/img3/ 		0
0
4gagnan.gif
www.raffinturf.com/img3/ 		0
0
lok3_9026151.gif
static.blog4ever.com/2021/05/864111/ 		0
0
oblio_9026154.gif
static.blog4ever.com/2021/05/864111/ 		0
0
lok1_9026152.gif
static.blog4ever.com/2021/05/864111/ 		0
0
jcov_9247305.gif
static.blog4ever.com/2021/06/864279/ 		0
0
image.png
lh3.googleusercontent.com/-ZZ8wUBypgiE/YNWwQZECzBI/AAAAAAAAAAM/QV-Z4sQyRNYtrQpbM7ahEN70Z_oTMRQbQCLcBGAsYHQ/w262-h33/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-ZZ8wUBypgiE/YNWwQZECzBI/AAAAAAAAAAM/QV-Z4sQyRNYtrQpbM7ahEN70Z_oTMRQbQCLcBGAsYHQ/w262-h33/image.png
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
33ede680de4335081f202c220335cb7accc55e763835689d8ffca2a49935ec21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="image.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10898
x-xss-protection
0
server
fife
etag
"v4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 18 Dec 2022 23:39:43 GMT
sous-image.gif
1.bp.blogspot.com/-RrSsCOdipMs/XdZ3ENmwxxI/AAAAAAAAAEI/xhnJmDw1Q3QkTpr1IuQFCiknN2YPgGmaACLcBGAsYHQ/w380-h15/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-RrSsCOdipMs/XdZ3ENmwxxI/AAAAAAAAAEI/xhnJmDw1Q3QkTpr1IuQFCiknN2YPgGmaACLcBGAsYHQ/w380-h15/sous-image.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bf3d2bd8f1288cc818a300035e17d953c954c9dc066a920c7aa593fd940be302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:08:53 GMT
x-content-type-options
nosniff
age
961
content-disposition
inline;filename="sous-image.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4972
x-xss-protection
0
server
fife
etag
"v43"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:34:21 GMT
quinte.gif
topturf.fr/ 		393 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://topturf.fr/quinte.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.204.2 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster002.hosting.cdn.ovh.net
Software
/
Resource Hash
b359a6985ef1f14493e789a0a43221e72ae8a1230228fc3a9f0142ddbde8e548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:57 GMT
last-modified
Mon, 29 Dec 2008 11:13:44 GMT
x-cdn-cache
MISS
age
0
content-type
image/gif
cache-control
no-cache
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
468214693
content-length
393
expires
Thu, 29 Dec 2022 15:39:55 GMT
ANbyha0GcCE7ZSPpA0UMTYv3MzBqYEWdnoL11sWQS6y1EQuBNNSeLDddCge_BrmJFZ28xB6nUMRQy8SF3ARPsfP9BoAaYQUc_Xd9m3VM=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0GcCE7ZSPpA0UMTYv3MzBqYEWdnoL11sWQS6y1EQuBNNSeLDddCge_BrmJFZ28xB6nUMRQy8SF3ARPsfP9BoAaYQUc_Xd9m3VM=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ANbyha3QT2o1TxhvvIqLhu6dGV0uaXYwcDwiTAZENjDfTDYSi0mkDJAKBvwOkyvMdwOsbm0JOkzb1iGXSpmL_oPU90Zf5KXb0qZC6Q=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3QT2o1TxhvvIqLhu6dGV0uaXYwcDwiTAZENjDfTDYSi0mkDJAKBvwOkyvMdwOsbm0JOkzb1iGXSpmL_oPU90Zf5KXb0qZC6Q=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ANbyha0O-_8iez1AqAmVkEW9cpdTTxvCo4EKWOH9HJSuEGrd-CksY2vnCPoRHqbzbVEZvlQ0MPimfQ0f4WT1-YS5taTGDOQ-LWSojFr783-X_ZN--OpCi149_JZgfAY=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0O-_8iez1AqAmVkEW9cpdTTxvCo4EKWOH9HJSuEGrd-CksY2vnCPoRHqbzbVEZvlQ0MPimfQ0f4WT1-YS5taTGDOQ-LWSojFr783-X_ZN--OpCi149_JZgfAY=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0d16070edb3b23390bbe7f33a714a3165c622ca256c3c81354988c0d0996e514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68382
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
ANbyha1QQFu9OfljPvSnDzz2gTdmHzrv7ovZL43bhcxhfx4JXxAImgztM8YMmnoPO4QfcMyzBfigKW5oJpC8s3tVFuE61JHLLMSFFagp=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1QQFu9OfljPvSnDzz2gTdmHzrv7ovZL43bhcxhfx4JXxAImgztM8YMmnoPO4QfcMyzBfigKW5oJpC8s3tVFuE61JHLLMSFFagp=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
banner.gif
img.root-top.com/topsite/turfmillion/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/turfmillion/banner.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02eb50c935bbda46457072d97c9555738acd059968ac1d16897c10bb003c19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Dec 2022 22:36:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
233305
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Td7zSPAb8yUZnPD9kFNe2nnGQnwnxneQxnI1NWZr9gDtbL6nr1fH0Qc%2Bni4tsRIRIpKK9S%2FLPEtKZN8UA5S3VJYGB4jWxQRdlc64M%2FdjPXuyg7NzkW5Ur4NgYw%2B3ysViGmOeZQoRSIIBwGkLX8%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
78138b97dc539956-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6306
expires
Thu, 29 Dec 2022 22:36:29 GMT
bouton1.php
www.top-france.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.top-france.com/bouton1.php?site=1517301601
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.10.30 Bourg-les-Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip30.ip-178-33-10.eu
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ANbyha1vMfuogYDwV4ndOIPY5QaN7ToVnHXWd64NJbXC38PjO_4eTf1hFWnU0EHJMU3T1KCdtlPFRZga5KP2RmZIz-GMKMiov4qAa6wmoNWoAfZ8rYXKaiazmR7MpyxGUQNhEds=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1vMfuogYDwV4ndOIPY5QaN7ToVnHXWd64NJbXC38PjO_4eTf1hFWnU0EHJMU3T1KCdtlPFRZga5KP2RmZIz-GMKMiov4qAa6wmoNWoAfZ8rYXKaiazmR7MpyxGUQNhEds=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d66d8acd05cda9e6421b7b1ecb3befabef5e8a8bac2adeec31b1cbba5fae4cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1930
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
ANbyha1WOzmErXEELqejakXds1gLDs5uDUlYKjl4fzXGN5QuvGF5AZKEExCIRgY-rPrzJ9WrHGt5mYam9c5B13X3flqkcvrqLc8npgUr6-VhkEh-eQX7OgnTbtVI=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1WOzmErXEELqejakXds1gLDs5uDUlYKjl4fzXGN5QuvGF5AZKEExCIRgY-rPrzJ9WrHGt5mYam9c5B13X3flqkcvrqLc8npgUr6-VhkEh-eQX7OgnTbtVI=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
43de99a61749f61932028613f611a325e4c311e08d1198ea4293bed94f3d51c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15226
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
ANbyha2nzLdl1TqMFw3h7Z274em2W0Mk1LZqwUGyqBBxJM7bG4DIrC_xIxGIg7ypjWH4g3VCnGdxsm5fp4ZF-AZOgLXNSL-Kq-sysPnyLerwQLj0TUYGLoUgNjWrWM3OgDmWRw=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2nzLdl1TqMFw3h7Z274em2W0Mk1LZqwUGyqBBxJM7bG4DIrC_xIxGIg7ypjWH4g3VCnGdxsm5fp4ZF-AZOgLXNSL-Kq-sysPnyLerwQLj0TUYGLoUgNjWrWM3OgDmWRw=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aff454b9c8899329871686da98db8fb8b03e5fd78ae844581d326febd9b751b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ANbyha1ZcjY47mApn1_TgmwRcFdI77_sPwcxQV90wzc-t5oILasrixElkL9Q6NYDA5TBciGZE4ukg0-JF1Gf3XVkDRt0gu4bsZoB0aIbCo-akzqBxAN7guDTzH8J=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1ZcjY47mApn1_TgmwRcFdI77_sPwcxQV90wzc-t5oILasrixElkL9Q6NYDA5TBciGZE4ukg0-JF1Gf3XVkDRt0gu4bsZoB0aIbCo-akzqBxAN7guDTzH8J=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ff72c088fcc7efcc81519a95e31e20043fa6be3c1ba8dd89214eb75c328708ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10834
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ANbyha3rlpzpiPVEWTGX7qwm6g3Lvy2y1Iuha05WHUghNaNs9jxKwassKGPgRyWIni6WUzA3VG1pEZQXTj_bqmwdhBth8LoJUi1rRmNZj7f5xRUxre2iDczLiWYwyQ=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3rlpzpiPVEWTGX7qwm6g3Lvy2y1Iuha05WHUghNaNs9jxKwassKGPgRyWIni6WUzA3VG1pEZQXTj_bqmwdhBth8LoJUi1rRmNZj7f5xRUxre2iDczLiWYwyQ=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c892a77c1ab802bdcb73e5f2e1348d504c630646bdbe946e413439c79455aa90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ANbyha2r0EBDsbAOyXEc2jJgFaEFyjiFJ0BWaiBtHwXP4ek4Mog44L_4QdBhznrhE82VZ6Tcfr_SfVy8YIh8ps5Z3FofJIl3J8EwfD5y4w=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2r0EBDsbAOyXEc2jJgFaEFyjiFJ0BWaiBtHwXP4ek4Mog44L_4QdBhznrhE82VZ6Tcfr_SfVy8YIh8ps5Z3FofJIl3J8EwfD5y4w=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ANbyha2H2EfxQqX_shXJKSbpjIgXEXu-v6zakTtCqvge3KKLYPHTPTqYOD3kvG7CAViaU3TqytTAKp2Y0Wd74Wb_9P8sKTh9o3ZCfFL5sgqXPZKUiOFjdA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2H2EfxQqX_shXJKSbpjIgXEXu-v6zakTtCqvge3KKLYPHTPTqYOD3kvG7CAViaU3TqytTAKp2Y0Wd74Wb_9P8sKTh9o3ZCfFL5sgqXPZKUiOFjdA=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 14:56:01 GMT
x-content-type-options
nosniff
server
fife
age
1733
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1762
x-xss-protection
0
expires
Fri, 30 Dec 2022 14:56:01 GMT
ANbyha0JMcqbX99yTZjM_cZVSVDX21bFV_2dPUvFYpuT-DgHuV8APgzU-HyggxVXzZhaXRfvGiKatA4AKp-7n89Ze8GrrJ1Rbvgqp75jVjmTSVdYDVICqlI0eWs=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0JMcqbX99yTZjM_cZVSVDX21bFV_2dPUvFYpuT-DgHuV8APgzU-HyggxVXzZhaXRfvGiKatA4AKp-7n89Ze8GrrJ1Rbvgqp75jVjmTSVdYDVICqlI0eWs=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
65af7fa50c44578a32ebd7a54a8532581a04716d6027097c3696c93d8a35302e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1154
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
visuel81.png
www.ajoutezvotrelien.com/ 		0
0
5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain
  • https://img.root-top.com/topsite/megaturf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Server
2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1180431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27601
last-modified
Sun, 25 Jun 2017 11:18:37 GMT
server
cloudflare
etag
"594f9c0d-6bd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5bHDsGaiybMKzoE9wnyEU%2BG4wiNuPF4SRvCAbwhYFud0wAc7CWoZqcPBKsZ6OGVP1SHebQ54uJOGjK4Ssxb1jv8vWKieZmLaBNjSECev8MB3iqOXJmCv8ATfbmJIiaqNgYoutvg7r85M%2BYl%2FPWz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78138b999f559031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TENESjevZXFOqoul3DVgaZ7lGmrstIkOEYYLZ1LYnc5roWpqaCWMHEOAFivPfNrE9eH%2BVy107EN6uKahSRlBm099xTQDwYsCAUK99STsW2teDd05qcHw%2FMTG2OSJRQV%2B4badWF4tPd7EhAELBC9S"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=ISO-8859-1
location
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray
78138b97dc579956-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
banner.gif
img.root-top.com/topsite/europeprono/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/europeprono/banner.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c73cce51b588f89031d93376614ccc8c52cb65a3ff700795f8a15f4ea8479c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Dec 2022 04:25:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
212381
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3Y0vpTMTad47F3d2uJNSX5AbchlBZdZsSriEiHOXIU0CZ2%2B1PFmOsZ8arhgen5DW5rybVbzfZQkN51zDANzDNk%2FgDYnX7uvpCRMSBDWt3AOzXTeCoAuqJl1VJ5EJKlNsn7RZV4bleQoEPvz15ku"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
78138b97dc599956-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7181
expires
Fri, 30 Dec 2022 04:25:13 GMT
gagnezauquinte1.gif
1.bp.blogspot.com/-AjxOIIw0a1k/YadfQsnh_3I/AAAAAAAAAMk/SuyCM_KDxcYQDQrVSdzluZxzkHU8OPEDwCLcBGAsYHQ/s120/
Redirect Chain
  • https://img.root-top.com/topsite/gagnerauquinte2021/banner.gif
  • https://1.bp.blogspot.com/-AjxOIIw0a1k/YadfQsnh_3I/AAAAAAAAAMk/SuyCM_KDxcYQDQrVSdzluZxzkHU8OPEDwCLcBGAsYHQ/s120/gagnezauquinte1.gif
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-AjxOIIw0a1k/YadfQsnh_3I/AAAAAAAAAMk/SuyCM_KDxcYQDQrVSdzluZxzkHU8OPEDwCLcBGAsYHQ/s120/gagnezauquinte1.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2b8bcc52d2b6280d4f97c93c00de06f40bdc1d890f7e76f3f97c5d9d6beb775a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:08:54 GMT
x-content-type-options
nosniff
age
960
content-disposition
inline;filename="gagnezauquinte1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7288
x-xss-protection
0
server
fife
etag
"vca"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 26 Dec 2022 11:38:52 GMT

Redirect headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It235zyVoAXsZVaUJOqn22rmVaIVwlV%2B6i8l8Y0pmZUXtBlina0Y3Vh4j4yVr9Nw3oKjzRVVEnt%2B5HbDndPwetP4X29EJHhtJ8t9F9JlqcFdWlsKPdchZQPQVDvz9As7gE7q83%2Fgfq98ARJqKe%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=ISO-8859-1
location
https://1.bp.blogspot.com/-AjxOIIw0a1k/YadfQsnh_3I/AAAAAAAAAMk/SuyCM_KDxcYQDQrVSdzluZxzkHU8OPEDwCLcBGAsYHQ/s120/gagnezauquinte1.gif
cf-ray
78138b97fc899956-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eurodescourses.gif
www.top-pmu.com/img4/
Redirect Chain
  • https://img.root-top.com/topsite/eurocourses011/banner.gif
  • https://www.top-pmu.com/img4/eurodescourses.gif
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.top-pmu.com/img4/eurodescourses.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
656f1a9534379a5116f43d2fcd0c6f3600d7b32032bca94cdecfba997bf79d0e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 15:24:54 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Tue, 09 Aug 2022 06:41:29 GMT
Server
Apache
ETag
"28edaa4-83d6-5e5c938e0d840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
33750

Redirect headers

date
Thu, 29 Dec 2022 15:24:54 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPjsU6WBtszPShPi9kf85ZI%2FFT4j%2BU%2B4X6iR6wT3pOYUVDURfUC7pIacD6qAVWDZTGoe6po5DGJFkIOyqKKC4A4THw8BKC4Q%2B0h%2F2iZBz0A0oArwINxpGAg7Bkbge%2BGg7zmMh%2FjTqQeZioh4%2Bx%2Bb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=ISO-8859-1
location
https://www.top-pmu.com/img4/eurodescourses.gif
cf-ray
78138b97fc8a9956-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ANbyha3yIkEoXidu5-AcSdsEqYisJ6XLnYbMlPzAezxtgiPwUSrMfJLB3gkH_dLZlV-liqlx6Ay-hyicmBm6hVFmJ53q1YKBXDdWTsAO4hkaNnzjHX2vpke_U9c6Cq9vBA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3yIkEoXidu5-AcSdsEqYisJ6XLnYbMlPzAezxtgiPwUSrMfJLB3gkH_dLZlV-liqlx6Ay-hyicmBm6hVFmJ53q1YKBXDdWTsAO4hkaNnzjHX2vpke_U9c6Cq9vBA=s0-d
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c6162cab37f91a999eed8f35ca5cf58262c4b3fc2b31f546ad0a46dab0b3f8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16838
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
cookienotice.js
gainsprono.blogspot.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gainsprono.blogspot.com/js/cookienotice.js
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/?m=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:35:10 GMT
x-content-type-options
nosniff
age
539384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6513
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 07:51:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 30 Dec 2022 09:35:10 GMT
1197256859-widgets.js
www.blogger.com/static/v1/widgets/ 		153 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1197256859-widgets.js
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fbc63b50b1a10a591d69fbe1ef1e5db6d6186970d5b9950b8150829e4bd2b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 09:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56470
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 10:49:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 28 Dec 2023 09:16:06 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Dec 2022 15:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
17
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 29 Dec 2022 17:24:37 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7996405764685740072&zx=07df3a63-2188-4e5c-8bf9-5ec2a3c27c71
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 29 Dec 2022 15:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Dec 2022 15:24:54 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
g1.gif
1.bp.blogspot.com/-0ioOZ4Q8un0/W2TYCq_kWmI/AAAAAAAAAFI/fANf8VIecIIu-ai6xhBI-jbUjtdomEY7wCK4BGAYYCw/w1600/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0ioOZ4Q8un0/W2TYCq_kWmI/AAAAAAAAAFI/fANf8VIecIIu-ai6xhBI-jbUjtdomEY7wCK4BGAYYCw/w1600/g1.gif
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3c3dcb80ee65674679a2efe6614172d66f1ab36a56ef94b7601e66c8ccd9f1cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v53"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="g1.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48481
x-xss-protection
0
expires
Fri, 30 Dec 2022 15:24:54 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 		403 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 04:26:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Dec 2022 20:49:17 GMT
server
sffe
age
298702
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 02 Jan 2023 04:26:32 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gainsprono.blogspot.com/
Origin
https://gainsprono.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:17:51 GMT
x-content-type-options
nosniff
age
238023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10172
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 21:17:51 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7996405764685740072&zx=07df3a63-2188-4e5c-8bf9-5ec2a3c27c71
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 29 Dec 2022 15:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Dec 2022 15:24:54 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1967746853&t=pageview&_s=1&dl=https%3A%2F%2Fgainsprono.blogspot.com%2F%3Fm%3D0&ul=en-us&de=UTF-8&dt=Pronostic%20PMU%20payant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1644020976&gjid=496755730&cid=260224276.1672327495&tid=UA-186974159-1&_gid=1752254115.1672327495&_r=1&_slc=1&z=1945238581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gainsprono.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gainsprono.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1967746853&t=pageview&_s=1&dl=https%3A%2F%2Fgainsprono.blogspot.com%2F%3Fm%3D0&ul=en-us&de=UTF-8&dt=Pronostic%20PMU%20payant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1263169515&gjid=1120938103&cid=260224276.1672327495&tid=UA-186974159-1&_gid=1752254115.1672327495&_r=1&gtm=2oubu0&z=1096767999
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gainsprono.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gainsprono.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		115 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350991&idd=1534310&lang=fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
238f888cad38a57e3774962de4a20d837e1bfe9c822b193e719814faad8f2b87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 15:24:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45388
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Dec 2022 15:24:55 GMT
buy-button.css
payment.allopass.com/static/css/ 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350991&idd=1534310&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 15:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"4215b-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gainsprono.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 15:24:57 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"215ef-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
fonts.gstatic.com/s/paytoneone/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/paytoneone/v18/0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
Requested by
Host: gainsprono.blogspot.com
URL: https://gainsprono.blogspot.com/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c2e574095d0c6b8168c39204503cece88e2755b0b0fed8c84c293e0ea5b5694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gainsprono.blogspot.com/
Origin
https://gainsprono.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 00:16:35 GMT
x-content-type-options
nosniff
age
54501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20384
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:58:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 00:16:35 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1967746853&t=pageview&_s=1&dl=https%3A%2F%2Fgainsprono.blogspot.com%2F%3Fm%3D0&ul=en-us&de=UTF-8&dt=Pronostic%20PMU%20payant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1784419132&gjid=958762061&cid=260224276.1672327495&tid=UA-135619294-1&_gid=1752254115.1672327495&_r=1&gtm=2wgbu0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1534310&cd3=350991&cd4=(not%20set)&cd5=classic&z=816298822
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gainsprono.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 15:24:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gainsprono.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/parisur.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/gainprono.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/pronogaranti.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/rdvturf.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/selecturf.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/surfhippique.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/turfroger.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/cevaier.gif
Domain
www.raffinturf.com
URL
https://www.raffinturf.com/img3/4gagnan.gif
Domain
static.blog4ever.com
URL
https://static.blog4ever.com/2021/05/864111/lok3_9026151.gif
Domain
static.blog4ever.com
URL
https://static.blog4ever.com/2021/05/864111/oblio_9026154.gif
Domain
static.blog4ever.com
URL
https://static.blog4ever.com/2021/05/864111/lok1_9026152.gif
Domain
static.blog4ever.com
URL
https://static.blog4ever.com/2021/06/864279/jcov_9247305.gif
Domain
www.ajoutezvotrelien.com
URL
https://www.ajoutezvotrelien.com/visuel81.png

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| adsbygoogle function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_976154 object| cookieChoices object| elts

7 Cookies

Domain/Path Name / Value
.gainsprono.blogspot.com/ Name: _ga
Value: GA1.3.260224276.1672327495
.gainsprono.blogspot.com/ Name: _gid
Value: GA1.3.1752254115.1672327495
.gainsprono.blogspot.com/ Name: _gat_blogger
Value: 1
.gainsprono.blogspot.com/ Name: _gat_gtag_UA_186974159_1
Value: 1
payment.allopass.com/ Name: ShopSessionId
Value: ad779431-9c63-44d1-bdc1-65b8d828648b
.allopass.com/ Name: AP_CUSK
Value: 3600593785
.gainsprono.blogspot.com/ Name: _gat_UA-135619294-1
Value: 1

15 Console Messages

Source Level URL
Text
network error URL: https://www.raffinturf.com/img3/parisur.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/gainprono.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/pronogaranti.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/rdvturf.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/selecturf.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/surfhippique.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/turfroger.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/cevaier.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.raffinturf.com/img3/4gagnan.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1QQFu9OfljPvSnDzz2gTdmHzrv7ovZL43bhcxhfx4JXxAImgztM8YMmnoPO4QfcMyzBfigKW5oJpC8s3tVFuE61JHLLMSFFagp=s0-d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3QT2o1TxhvvIqLhu6dGV0uaXYwcDwiTAZENjDfTDYSi0mkDJAKBvwOkyvMdwOsbm0JOkzb1iGXSpmL_oPU90Zf5KXb0qZC6Q=s0-d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0GcCE7ZSPpA0UMTYv3MzBqYEWdnoL11sWQS6y1EQuBNNSeLDddCge_BrmJFZ28xB6nUMRQy8SF3ARPsfP9BoAaYQUc_Xd9m3VM=s0-d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2r0EBDsbAOyXEc2jJgFaEFyjiFJ0BWaiBtHwXP4ek4Mog44L_4QdBhznrhE82VZ6Tcfr_SfVy8YIh8ps5Z3FofJIl3J8EwfD5y4w=s0-d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.top-france.com/bouton1.php?site=1517301601
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.ajoutezvotrelien.com/visuel81.png
Message:
Failed to load resource: net::ERR_TIMED_OUT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
ci4.googleusercontent.com
fonts.gstatic.com
gainsprono.blogspot.com
img.root-top.com
lh3.googleusercontent.com
payment.allopass.com
resources.blogblog.com
static.blog4ever.com
topturf.fr
www.ajoutezvotrelien.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.mega-turf.fr
www.raffinturf.com
www.top-france.com
www.top-pmu.com
static.blog4ever.com
www.ajoutezvotrelien.com
www.raffinturf.com
178.33.10.30
185.119.26.1
194.150.236.236
2606:4700:3035::ac43:c4a5
2606:4700:3038::6815:ea1b
2a00:1450:4001:801::2003
2a00:1450:4001:809::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2001
2a00:1450:400d:804::2009
2a00:1450:400d:807::2001
2a00:1450:400d:80e::2001
46.105.204.2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d16070edb3b23390bbe7f33a714a3165c622ca256c3c81354988c0d0996e514
238f888cad38a57e3774962de4a20d837e1bfe9c822b193e719814faad8f2b87
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2b8bcc52d2b6280d4f97c93c00de06f40bdc1d890f7e76f3f97c5d9d6beb775a
33ede680de4335081f202c220335cb7accc55e763835689d8ffca2a49935ec21
3b3efe1b07f6749e38c1d5e50c8395d365c4f96825dbeb43992ce0163310bda2
3c3dcb80ee65674679a2efe6614172d66f1ab36a56ef94b7601e66c8ccd9f1cf
43de99a61749f61932028613f611a325e4c311e08d1198ea4293bed94f3d51c7
4c9250ef339624dd9471b9eb4178452753aa31a7a92cd25d39ae005894d22791
656f1a9534379a5116f43d2fcd0c6f3600d7b32032bca94cdecfba997bf79d0e
65af7fa50c44578a32ebd7a54a8532581a04716d6027097c3696c93d8a35302e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6fbc63b50b1a10a591d69fbe1ef1e5db6d6186970d5b9950b8150829e4bd2b77
7c2e574095d0c6b8168c39204503cece88e2755b0b0fed8c84c293e0ea5b5694
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
8be7d530c31dd2b2f2e6cd9e46a8cfd0883526cd6d001cdd755d6b553508d06c
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9c73cce51b588f89031d93376614ccc8c52cb65a3ff700795f8a15f4ea8479c2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
aff454b9c8899329871686da98db8fb8b03e5fd78ae844581d326febd9b751b9
b359a6985ef1f14493e789a0a43221e72ae8a1230228fc3a9f0142ddbde8e548
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba8a03ab05a62b7225e6f17dde12daf2366983ef712b065da1fe85305a46e420
be8d45aa0c01f89039d2dfec6d79f51c2f9bcc3aa69f30b2e24d527c3258ccff
bf3d2bd8f1288cc818a300035e17d953c954c9dc066a920c7aa593fd940be302
c02eb50c935bbda46457072d97c9555738acd059968ac1d16897c10bb003c19c
c6162cab37f91a999eed8f35ca5cf58262c4b3fc2b31f546ad0a46dab0b3f8d9
c892a77c1ab802bdcb73e5f2e1348d504c630646bdbe946e413439c79455aa90
d66d8acd05cda9e6421b7b1ecb3befabef5e8a8bac2adeec31b1cbba5fae4cda
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ff72c088fcc7efcc81519a95e31e20043fa6be3c1ba8dd89214eb75c328708ab