urlscan.io logo urlscan.io
SecurityTrails logo

geisha.erog.fr Open in urlscan Pro
195.20.15.131  Public Scan

Go To Rescan Add Verdict Report
URL: http://geisha.erog.fr//
Submission: On July 31 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 40 HTTP transactions. The main IP is 195.20.15.131, located in France and belongs to MAGICRETAIL, FR. The main domain is geisha.erog.fr.
This is the only time geisha.erog.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    195.20.15.131 (France)

ASN43424 (MAGICRETAIL, FR)
PTR: overblog-vip.srv.proceau.net
geisha.erog.fr
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    185.128.239.81 (France)

ASN35717 (WEBEDIA-AS, FR)
resize.over-blog.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
securepubads.g.doubleclick.net
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1868
syndication.twitter.com — Cisco Umbrella Rank: 2285
35 KB
7 over-blog.com
assets.over-blog.com Failed
resize.over-blog.com
232 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
148 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
22 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 erog.fr
geisha.erog.fr
40 KB
0 estat.com Failed
w.estat.com Failed
40 9
Domain Requested by
7 resize.over-blog.com geisha.erog.fr
5 platform.twitter.com geisha.erog.fr
platform.twitter.com
2 syndication.twitter.com geisha.erog.fr
platform.twitter.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.google-analytics.com geisha.erog.fr
2 www.googletagservices.com 1 redirects geisha.erog.fr
2 fonts.googleapis.com geisha.erog.fr
1 www.facebook.com geisha.erog.fr
1 geisha.erog.fr
0 w.estat.com Failed geisha.erog.fr
0 assets.over-blog.com Failed geisha.erog.fr
40 11
Subject Issuer Validity Valid
over-blog.com
R10		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-08 -
2025-07-07		 a year crt.sh
syndication.twitter.com
R11		 2024-07-06 -
2024-10-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://geisha.erog.fr//
Frame ID: 36F225EB38C5F90BC832B9D74D0428C3
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FOverblog&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=231701373546196
Frame ID: FA5F1F2A43A7043B6958C97F9A7567A9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fgeisha.erog.fr
Frame ID: B8F96A47ADD444DBE3E5AEAEAB108863
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.fr.html
Frame ID: 97758A4EEA112A9086A9F356355E3693
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/Overblog?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=true&hideScrollBar=false&lang=fr&maxHeight=150px&origin=http%3A%2F%2Fgeisha.erog.fr%2F%2F&sessionId=3c1d8519b8e1acb960207464a640b98da54b53cd&showHeader=false&showReplies=false&transparent=true&widgetsVersion=2615f7e52b7e0%3A1702314776716
Frame ID: 5D66ECEAC786D78BBF70179CE0DFE680
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Erreur

Page URL History Show full URLs

  1. http://geisha.erog.fr// HTTP 307
    https://geisha.erog.fr// HTTP 307
    http://geisha.erog.fr// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

40
Requests

43 %
HTTPS

56 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

510 kB
Transfer

1012 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geisha.erog.fr// HTTP 307
    https://geisha.erog.fr// HTTP 307
    http://geisha.erog.fr// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://w.estat.com/js/whap.js HTTP 301
  • https://w.estat.com/js/whap.js
Request Chain 5
  • http://www.googletagservices.com/tag/js/gpt.js HTTP 302
  • https://www.googletagservices.com/tag/js/gpt.js
Request Chain 25
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 28
  • http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
  • https://www.google-analytics.com/plugins/ua/linkid.js

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
geisha.erog.fr//
Redirect Chain
  • http://geisha.erog.fr//
  • https://geisha.erog.fr//
  • http://geisha.erog.fr//
39 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://geisha.erog.fr//
Protocol
HTTP/1.1
Server
195.20.15.131 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
overblog-vip.srv.proceau.net
Software
EsclaveHTTP / PHP/5.2.6
Resource Hash
e781ce49f0dc9fb19fdeeafb453f3ea4295fe8b8fdcd443690e1128c56cc8d54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age
0
Connection
keep-alive
Content-Length
40318
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 23:32:00 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Status
404 Not Found
X-Powered-By
PHP/5.2.6
X-URL
//
X-Varnish
1944659496
fhost
geisha.erog.fr
server
EsclaveHTTP

Redirect headers

Location
http://geisha.erog.fr//
Non-Authoritative-Reason
HttpsUpgrades
build.css
assets.over-blog.com/b/site/bundles/build/css/ 		0
0
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:300,400,400italic,700
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
626f49155368e6be161889199d729d5ec0dace2b3a91c8273bb18aed73f725fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 23:32:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 31 Jul 2024 23:32:00 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 31 Jul 2024 23:32:00 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2e37aee0cfd774b5a032e4280538b530a2bfb8afdfbb6c0afa6bc3ee93e477f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 23:32:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 31 Jul 2024 23:32:00 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 31 Jul 2024 23:32:00 GMT
whap.js
w.estat.com/js/
Redirect Chain
  • http://w.estat.com/js/whap.js
  • https://w.estat.com/js/whap.js
0
0
ads.js
assets.over-blog.com/b/site/bundles/overblogfront/js/ 		0
0
gpt.js
www.googletagservices.com/tag/js/
Redirect Chain
  • http://www.googletagservices.com/tag/js/gpt.js
  • https://www.googletagservices.com/tag/js/gpt.js
99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf4ae27ee834cd04c7fd8ce4aa037d3b14486c8bf0727ab087a8f94572768f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 23:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31526
x-xss-protection
0
server
cafe
etag
439 / 19935 / 31085717 / config-hash: 373250474314107337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jul 2024 23:32:00 GMT

Redirect headers

Date
Wed, 31 Jul 2024 23:32:00 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location
https://www.googletagservices.com/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Wed, 31 Jul 2024 23:32:00 GMT
Logo-Overblog-Newportal.png
assets.over-blog.com/b/site/bundles/build/images/ 		0
0
Logo-Overblog-Newportal-mini.png
assets.over-blog.com/b/site/bundles/build/images/ 		0
0
fr.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
en.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
de.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
es.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
it.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
400x400-ct.jpg
resize.over-blog.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?https://i.ytimg.com/vi/lesmQCLd4dU/hqdefault.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
ef3109dbb9bc926a2fe10a41d3b9cf9783dd18260e5522938ee9e31c4adf402f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:32:13 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
25187
etag
"9a3fac2659dae00db472a0f46da66865e203a5c9"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
12815
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 16:32:13 GMT
400x400-ct.jpg
resize.over-blog.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?https://img.over-blog-kiwi.com/0/54/84/35/20170402/ob_3d7e87_p3241466.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
2e980c1a207851e338eb38bc0c6678f9a3d5c9837e3092802f46ba18d853b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 23:16:54 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
906
etag
"8659bc6781c69668bfda81d3fe98266bf8509835"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
26879
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 23:16:54 GMT
400x400-ct.jpg
resize.over-blog.com/ 		0
0
400x400-ct.jpg
resize.over-blog.com/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?https://img.over-blog-kiwi.com/2/11/67/91/20170402/ob_d8e7ce_rameaux-minimes.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
e1a64d28e2fff39f5810c1a220022fe17146ba18b863d74c08738260d149874b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:34:27 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
14253
etag
"e1df61c1b0c8d42cc787c83b517380a3ae87f9f3"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
57793
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 19:34:27 GMT
400x400-ct.jpg
resize.over-blog.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?http://img.over-blog-kiwi.com/0/85/87/90/20150204/ob_676d7d_picsart-1423005022300.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
58baeb2e76ab1744738c2df19807a9425ffc7c957d62ab1fd32863aa58d97be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:34:27 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
14253
etag
"ea47a21b6e1807bb50855e41c0c374d7ee7ab1f0"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
20100
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 19:34:27 GMT
400x400-ct.jpg
resize.over-blog.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?http://img.over-blog.com/2/55/76/46/archives/19/gateau-au-fromage-blanc-citron-framboise-pepites-de-chocol.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
82d2b5227bfb69d3692523803d84d8c191d92449b5b637e1777b7216b7d4d57a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 15:26:42 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
29118
etag
"5bfbd78c8064bd9ea63ba8b8fcd232afbde549dc"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
26534
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 15:26:42 GMT
400x400-ct.jpg
resize.over-blog.com/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/400x400-ct.jpg?http://img.over-blog.com/3/64/25/12/Couvertures-./ORWELL-LA-FERME-DES-ANIMAUX.gif
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
2a97d20381c75a3e47439f7dcaf12fe7633539d3286ed22294de4be3bd4347a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 23:16:54 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
906
etag
"2f1ade4b0e4cf9d87e6c4885a287c325accee45b"
vary
Accept-Encoding
x-cache
HIT
content-type
image/gif
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
74438
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 23:16:54 GMT
400x400-ct.jpg
resize.over-blog.com/ 		0
0
350x170-ct.jpg
resize.over-blog.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resize.over-blog.com/350x170-ct.jpg?http://img.over-blog-kiwi.com/0/93/36/61/20140319/ob_f064e5_creme-de-carottes-mixee.jpg
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.128.239.81 , France, ASN35717 (WEBEDIA-AS, FR),
Reverse DNS
Software
/
Resource Hash
a75dcde08e8bfcc6aa6fcb14e8e243f298e753d6dac1c2216fd01a5fe7880781
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 09:56:40 GMT
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
age
48920
etag
"9effcde021cf754a3a3f1f6d57143e2ae7eebbfe"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
x-frame-options
DENY
cache-control
max-age=86400,public
accept-ranges
bytes
content-length
16456
x-xss-protection
1;mode=block
expires
Thu, 01 Aug 2024 09:56:40 GMT
build.js
assets.over-blog.com/b/site/bundles/build/js/ 		0
0
comscore.js
assets.over-blog.com/b/site/bundles/overblogfront/js/ 		0
0
mediametrie.js
assets.over-blog.com/b/site/bundles/overblogfront/js/ 		0
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jul 2024 23:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1016
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 01 Aug 2024 01:15:05 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/ 		474 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Jul 2024 12:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
41295
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Jul 2025 12:03:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		62 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=geisha.erog.fr
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ce322cedd2a3f1c0926b2b2b97e2e392b62ba8869a609908ed8bcf4abd7b67fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 23:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
x-xss-protection
0
expires
Wed, 31 Jul 2024 23:32:01 GMT
linkid.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/linkid.js
  • https://www.google-analytics.com/plugins/ua/linkid.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:54:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
2245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 31 Jul 2024 23:54:36 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
likebox.php
www.facebook.com/plugins/ Frame FA5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FOverblog&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=231701373546196
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 23:32:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397946826030975421"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397946826030975421", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2775, tp=-1, tpl=-1, uplat=164, ullat=0
x-fb-debug
3+N2f/Xq/FwpmilydCDLU+4vE/PHBEvdRDLSkOE12Fi/xO3IHZT7xG30lzWp0CplbrVU02dQL26VZdFzp70PxQ==
x-fb-server-load
30
x-xss-protection
0
fr.png
assets.over-blog.com/b/site/bundles/build/images/flags/ 		0
0
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 23:32:01 GMT
Content-Encoding
gzip
Age
427
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (pab/6FA9)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame B8F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fgeisha.erog.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA5) /
Resource Hash

Request headers

Referer
http://geisha.erog.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
11135812
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 23:32:01 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FA5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 23:32:01 GMT
Content-Encoding
gzip
Age
11135815
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (pab/6FA9)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
timeline.e108540dddc96e4b707f5cf259a582d7.js
platform.twitter.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 23:32:01 GMT
Content-Encoding
gzip
Age
11135816
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2965
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (pab/6FA9)
Etag
"e1b37e9fee06488be9c4cff0558f4e37+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
follow_button.2f70fb173b9000da126c79afe2098f02.fr.html
platform.twitter.com/widgets/ Frame 9775 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.fr.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F9B) /
Resource Hash

Request headers

Referer
http://geisha.erog.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
11135700
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14037
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 23:32:01 GMT
Etag
"a7f0398689d3471a53e3b23dbd2f0312+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F9B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fgeisha.erog.fr%2F%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1722468721657%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3c1d8519b8e1acb960207464a640b98da54b53cd
Requested by
Host: geisha.erog.fr
URL: http://geisha.erog.fr//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
http://geisha.erog.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
115
date
Wed, 31 Jul 2024 23:32:01 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 31 Jul 2024 23:32:01 GMT
server
tsa_f
vary
Origin
content-type
image/gif
x-transaction-id
c51621fc6b640c6e
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
17f24654c878540aad060e4ef97232e7bcea05fb24abebb2d326a6e4f5c43640
content-length
43
Overblog
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 5D66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/Overblog?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=true&hideScrollBar=false&lang=fr&maxHeight=150px&origin=http%3A%2F%2Fgeisha.erog.fr%2F%2F&sessionId=3c1d8519b8e1acb960207464a640b98da54b53cd&showHeader=false&showReplies=false&transparent=true&widgetsVersion=2615f7e52b7e0%3A1702314776716
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Referer
http://geisha.erog.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0
content-encoding
gzip
content-length
1504
content-security-policy
default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
content-type
text/html;charset=utf-8
date
Wed, 31 Jul 2024 23:32:01 UTC
perf
7402827104
server
tsa_f
strict-transport-security
max-age=631138519
x-connection-hash
0a6aefe3f453d9b9d9cf1e1be7cbb891bf00c0a49272d977a415c33261f6e90c
x-response-time
105
x-transaction-id
d9a630d0aac0f91b
x-xss-protection
0
favicon.ico
assets.over-blog.com/b/site/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/css/build.css?v1.5.9.0
Domain
w.estat.com
URL
https://w.estat.com/js/whap.js
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/overblogfront/js/ads.js?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/Logo-Overblog-Newportal.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/Logo-Overblog-Newportal-mini.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/fr.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/en.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/de.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/es.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/it.png?v1.5.9.0
Domain
resize.over-blog.com
URL
https://resize.over-blog.com/400x400-ct.jpg?https://img.over-blog-kiwi.com/1/21/07/35/20170317/ob_5d792c_img-3300-copie.JPG
Domain
resize.over-blog.com
URL
https://resize.over-blog.com/400x400-ct.jpg?http://img.over-blog-kiwi.com/0/48/52/78/20151222/ob_66f372_domes-guimauve-caramel-1.jpeg
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/js/build.js?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/overblogfront/js/comscore.js?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/overblogfront/js/mediametrie.js?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/bundles/build/images/flags/fr.png?v1.5.9.0
Domain
assets.over-blog.com
URL
https://assets.over-blog.com/b/site/favicon.ico?v1.5.9.0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| GoogleAnalyticsObject function| ga object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_reactive_ads_global_state number| ratio function| applyRatio object| mapping object| slot object| twttr object| __twttrll object| __twttr

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: http://geisha.erog.fr//
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.over-blog.com
fonts.googleapis.com
geisha.erog.fr
platform.twitter.com
resize.over-blog.com
securepubads.g.doubleclick.net
syndication.twitter.com
w.estat.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
assets.over-blog.com
resize.over-blog.com
w.estat.com
104.244.42.200
172.217.16.130
185.128.239.81
195.20.15.131
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a03:2880:f177:185:face:b00c:0:25de
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
2a97d20381c75a3e47439f7dcaf12fe7633539d3286ed22294de4be3bd4347a4
2e980c1a207851e338eb38bc0c6678f9a3d5c9837e3092802f46ba18d853b4a0
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
58baeb2e76ab1744738c2df19807a9425ffc7c957d62ab1fd32863aa58d97be6
626f49155368e6be161889199d729d5ec0dace2b3a91c8273bb18aed73f725fb
82d2b5227bfb69d3692523803d84d8c191d92449b5b637e1777b7216b7d4d57a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a2e37aee0cfd774b5a032e4280538b530a2bfb8afdfbb6c0afa6bc3ee93e477f
a75dcde08e8bfcc6aa6fcb14e8e243f298e753d6dac1c2216fd01a5fe7880781
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bf4ae27ee834cd04c7fd8ce4aa037d3b14486c8bf0727ab087a8f94572768f5e
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
ce322cedd2a3f1c0926b2b2b97e2e392b62ba8869a609908ed8bcf4abd7b67fd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a64d28e2fff39f5810c1a220022fe17146ba18b863d74c08738260d149874b
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb
e781ce49f0dc9fb19fdeeafb453f3ea4295fe8b8fdcd443690e1128c56cc8d54
ef3109dbb9bc926a2fe10a41d3b9cf9783dd18260e5522938ee9e31c4adf402f