original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:4001:830::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://original-pmu.blogspot.com/?m=0
Submission: On September 05 via manual (September 5th 2023, 7:01:33 am UTC) from BF — Scanned from DE

Summary HTTP 84 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 22 domains to perform 84 HTTP transactions. The main IP is 2a00:1450:4001:830::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is original-pmu.blogspot.com.

This is the only time original-pmu.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2009	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6 12	34.102.200.23 34.102.200.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	54.36.176.112 54.36.176.112	16276 (OVH) (OVH)
12 12	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.83.183.115 212.83.183.115	12876 (Online SAS) (Online SAS)
2 3	5.196.53.228 5.196.53.228	16276 (OVH) (OVH)
1	188.165.42.17 188.165.42.17	16276 (OVH) (OVH)
1	212.27.63.105 212.27.63.105	12322 (PROXAD) (PROXAD)
1 1	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
84	25

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

original-pmu.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.102.200.23 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.200.102.34.bc.googleusercontent.com

www.geny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.36.176.112 (France)

ASN16276 (OVH, FR)
PTR: ns3092782.ip-54-36-176.eu

geoloc5.geovisite.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3038::6815:ea1b (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.83.183.115 (France)

ASN12876 (Online SAS, FR)
PTR: www.allosponsor.com

www.allosponsor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.196.53.228 (Criquebeuf-la-Campagne, France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip228.ip-5-196-53.eu

www.uhit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uhit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.42.17 (Compiègne, France)

ASN16276 (OVH, FR)
PTR: mpool.netoo.net

blogs.netoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.105 (France)

ASN12322 (PROXAD, FR)
PTR: perso105-g5.free.fr

www.rapidoweb.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:15de (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	root-top.com 12 redirects img.root-top.com	69 KB
12	geny.com 6 redirects www.geny.com	13 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	266 KB
7	geovisite.ovh geoloc5.geovisite.ovh	389 KB
6	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 18261	2 KB
6	pronostic-facile.fr 1 redirects www.pronostic-facile.fr cdn1.pronostic-facile.fr	13 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 120 www.google.com — Cisco Umbrella Rank: 2	152 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 10243	168 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	272 KB
4	allopass.com payment.allopass.com	11 KB
3	uhit.eu 2 redirects www.uhit.eu uhit.eu	539 B
3	blogspot.com original-pmu.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11171	25 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	5 KB
2	googleusercontent.com 1 redirects themes.googleusercontent.com — Cisco Umbrella Rank: 10421	1 MB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 954	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104	602 B
1	gstatic.com fonts.gstatic.com	18 KB
1	hebdotop.com www.hebdotop.com
1	free.fr www.rapidoweb.free.fr	2 KB
1	netoo.com blogs.netoo.com	2 KB
1	allosponsor.com www.allosponsor.com
84	22

	Domain	Requested by
25	img.root-top.com	12 redirects original-pmu.blogspot.com
12	www.geny.com	6 redirects original-pmu.blogspot.com
8	pagead2.googlesyndication.com	original-pmu.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	geoloc5.geovisite.ovh	original-pmu.blogspot.com geoloc5.geovisite.ovh
6	resources.blogblog.com	original-pmu.blogspot.com www.blogger.com
5	www.pronostic-facile.fr	1 redirects original-pmu.blogspot.com www.pronostic-facile.fr static.cloudflareinsights.com
5	www.blogger.com	original-pmu.blogspot.com apis.google.com
4	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr www.googletagmanager.com www.google-analytics.com
4	payment.allopass.com	original-pmu.blogspot.com payment.allopass.com
4	apis.google.com	original-pmu.blogspot.com apis.google.com www.blogger.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	themes.googleusercontent.com	1 redirects original-pmu.blogspot.com
2	www.uhit.eu	2 redirects
2	original-pmu.blogspot.com	original-pmu.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.pronostic-facile.fr
1	cdn1.pronostic-facile.fr	www.pronostic-facile.fr
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	original-pmu.blogspot.com
1	www.hebdotop.com	original-pmu.blogspot.com
1	www.rapidoweb.free.fr	original-pmu.blogspot.com
1	blogs.netoo.com	original-pmu.blogspot.com
1	uhit.eu	original-pmu.blogspot.com
1	www.allosponsor.com	original-pmu.blogspot.com
1	1.bp.blogspot.com	original-pmu.blogspot.com
84	28

This site contains links to these domains. Also see Links.

Domain
payment.allopass.com
paris-promise.blogspot.com
calcula-prono.blogspot.com
pros-afrique.blogspot.com
cash-back1.blogspot.com
cash-du-jours.blogspot.com
recordturf1.blogspot.com
cash-univers.blogspot.com
pari-brillant.blogspot.com
turfistes1.blogspot.com
tierces-tuyau.blogspot.com
course-uniques.blogspot.com
grand-gagant.blogspot.com
derby-tierces.blogspot.com
course-en-euro.blogspot.com
gains-cash1.blogspot.com
bezz-dupmu.blogspot.com
www.root-top.com
www.allosponsor.com
www.uhit.eu
blogs.netoo.com
www.rapidoweb.free.fr
www.mondeturf.net
referencementsitegratuit.page-internet.net
www.istockphoto.com
www.blogger.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
geoloc5.idealpes.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
root-top.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
pronostic-facile.fr GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://original-pmu.blogspot.com/?m=0
Frame ID: 20CC16DCBAABA01FDBCE403499B3BBEA
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: E1CFA98DDAF40C1F9F3AB58322D93C41
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__
Frame ID: 7C2B7EBE392C5D49DDC34C2A5ED40E51
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4442622547489634&output=html&adk=1812271804&adf=3025194257&lmt=1693862357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693897287347&bpp=6&bdt=186&idt=269&shv=r20230830&mjsv=m202308300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1599107172328&frm=20&pv=2&ga_vid=897850501.1693897288&ga_sid=1693897288&ga_hid=301089663&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076838%2C31076998%2C31077587&oid=2&pvsid=4304922265523039&tmod=1355601740&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Frame ID: F6F9D2EF1C1A4FB2BB48A175AB16C394
Requests: 1 HTTP requests in this frame

Frame: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Frame ID: 18FA583C0E1004924400F741B82631C6
Requests: 6 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Frame ID: E2975F80D903B1EDE422FBA62E4EA96B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 446D1C898EE12A463F46F9BA37392155
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E012CF90A88CEAE53E502881D470E691
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ORIGINAL-PMU

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

84
Requests

65 %
HTTPS

73 %
IPv6

22
Domains

28
Subdomains

25
IPs

3
Countries

2627 kB
Transfer

4183 kB
Size

8
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://payment.allopass.com/buy/buy.apu?ids=357205&idd=1558204&carousel=row

Search URL Search Domain Scan URL

URL: http://paris-promise.blogspot.com/
Title: PARIS-PROMISE

Search URL Search Domain Scan URL

URL: http://calcula-prono.blogspot.com/

Search URL Search Domain Scan URL

URL: http://pros-afrique.blogspot.com/
Title: PROS-AFRIQUE

Search URL Search Domain Scan URL

URL: http://cash-back1.blogspot.com/
Title: CASH-BACK1

Search URL Search Domain Scan URL

URL: http://cash-du-jours.blogspot.com/
Title: CASH-DU-JOURS

Search URL Search Domain Scan URL

URL: http://recordturf1.blogspot.com/
Title: RECORDTURF1

Search URL Search Domain Scan URL

URL: http://cash-univers.blogspot.com/
Title: CASH-UNIVERS

Search URL Search Domain Scan URL

URL: http://pari-brillant.blogspot.com/
Title: PARI-BRILLANT

Search URL Search Domain Scan URL

URL: http://turfistes1.blogspot.com/
Title: TURFISTES1

Search URL Search Domain Scan URL

URL: http://tierces-tuyau.blogspot.com/
Title: TIERCES-TUYAU

Search URL Search Domain Scan URL

URL: http://course-uniques.blogspot.com/
Title: COURSE-UNIQUES

Search URL Search Domain Scan URL

URL: http://grand-gagant.blogspot.com/
Title: GRAND-GAGANT

Search URL Search Domain Scan URL

URL: http://derby-tierces.blogspot.com/
Title: DERBY-TIERCES

Search URL Search Domain Scan URL

URL: http://course-en-euro.blogspot.com/
Title: COURSE-EN-EURO

Search URL Search Domain Scan URL

URL: http://gains-cash1.blogspot.com/
Title: GAINS-CASH1

Search URL Search Domain Scan URL

URL: http://bezz-dupmu.blogspot.com/
Title: BEZZ-DUPMU

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/originalpmu1/in.php?ID=7

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfistes/in.php?ID=1644

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/bettop/in.php?ID=188

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/gagnantplus/in.php?ID=56

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/freeturf/in.php?ID=2

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmu365/in.php?ID=12

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=979
Title: .

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=554

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1033

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/dada/in.php?ID=87

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/classement_general/in.php?ID=1981

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baseprono/in.php?ID=256

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfaunet/in.php?ID=506

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/filibert42/in.php?ID=5

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=839

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toptierce/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.allosponsor.com/accueil.php?ref=51293

Search URL Search Domain Scan URL

URL: http://www.uhit.eu/

Search URL Search Domain Scan URL

URL: http://blogs.netoo.com/

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=1795

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/forumturf/in.php?ID=28

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lamaisonmere/in.php?ID=131

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfgagnant/in.php?ID=334

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/zeturf24/in.php?ID=51

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/chevaldorinfoturf/in.php?ID=167

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toppronosticgratuit/in.php?ID=118

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/james15/in.php?ID=245

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=102

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baronturf/in.php?ID=82

Search URL Search Domain Scan URL

URL: http://www.mondeturf.net/vote.php?id=5232
Title: Mondeturf.net

Search URL Search Domain Scan URL

URL: http://referencementsitegratuit.page-internet.net/
Title: Referencement gratuit

Search URL Search Domain Scan URL

URL: http://www.istockphoto.com/file_closeup.php?id=8126402&platform=blogger
Title: jangeltun

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.geny.com/web/images/pictos/paris/2sur4_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

Request Chain 7

http://www.geny.com/web/images/pictos/paris/multi_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/multi_01.gif

Request Chain 8

http://www.geny.com/web/images/pictos/paris/tierce_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/tierce_01.gif

Request Chain 9

http://www.geny.com/web/images/pictos/paris/quarte_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/quarte_01.gif

Request Chain 10

http://www.geny.com/web/images/pictos/paris/quinte_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/quinte_01.gif

Request Chain 11

http://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif HTTP 301
https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

Request Chain 13

http://img.root-top.com/topsite/originalpmu1/banner.gif HTTP 301
https://img.root-top.com/topsite/originalpmu1/banner.gif

Request Chain 14

http://img.root-top.com/topsite/turfistes/banner.gif HTTP 301
https://img.root-top.com/topsite/turfistes/banner.gif

Request Chain 15

http://img.root-top.com/topsite/bettop/banner.gif HTTP 301
https://img.root-top.com/topsite/bettop/banner.gif

Request Chain 16

http://img.root-top.com/topsite/gagnantplus/banner.gif HTTP 301
https://img.root-top.com/topsite/gagnantplus/banner.gif

Request Chain 17

http://img.root-top.com/topsite/freeturf/banner.gif HTTP 301
https://img.root-top.com/topsite/freeturf/banner.gif

Request Chain 18

http://img.root-top.com/topsite/pmu365/banner.gif HTTP 301
https://img.root-top.com/topsite/pmu365/banner.gif

Request Chain 19

http://img.root-top.com/topsite/turfoscope/banner.gif HTTP 301
https://img.root-top.com/topsite/turfoscope/banner.gif

Request Chain 20

http://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 301
https://img.root-top.com/topsite/jmpep80top/banner.gif

Request Chain 21

http://img.root-top.com/topsite/dada/banner.gif HTTP 301
https://img.root-top.com/topsite/dada/banner.gif

Request Chain 22

http://img.root-top.com/topsite/classement_general/banner.gif HTTP 301
https://img.root-top.com/topsite/classement_general/banner.gif

Request Chain 23

http://img.root-top.com/topsite/baseprono/banner.gif HTTP 301
https://img.root-top.com/topsite/baseprono/banner.gif

Request Chain 24

http://img.root-top.com/topsite/turfaunet/banner.gif HTTP 301
https://img.root-top.com/topsite/turfaunet/banner.gif

Request Chain 27

http://www.uhit.eu/button1.php?u=titro-turf HTTP 301
https://www.uhit.eu/ HTTP 301
https://uhit.eu/

Request Chain 32

http://www.pronostic-facile.fr/widget/originalpmu/script/feed HTTP 301
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

Request Chain 36

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
original-pmu.blogspot.com/ 76 KB
14 KB 733ms
684ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ce1bf3234fff44da8c5e2e28b9255bd7cb0b191acbdaa0e1d63815b94327988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 13671
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 07:01:27 GMT
ETag: W/"5a4fad5fa548f17ba01b0393c56ee936542cd5ddbbbafcadbcbffce94ee6b816"
Expires: Tue, 05 Sep 2023 07:01:27 GMT
Last-Modified: Mon, 04 Sep 2023 23:19:17 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 127ms
24ms Stylesheet
text/css 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 14:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 09:57:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 31 Aug 2024 14:31:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 126ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d93bf5fc89ef418ce7efec2e749ef0d2167504896f0a3e587aa471be33213a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Origin: http://original-pmu.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50467
x-xss-protection: 0
server: cafe
etag: 1755147568407602501
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 146ms
144ms Stylesheet
text/css 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=660b7118-eeb4-404c-878b-769c8ac3e2b0

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 07:01:27 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 61ms
26ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98e1802d6c84b348969c428c14b5eef73dbe33744477d92b7700b7c9777ce62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 07:01:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6cfc15e737d447ba"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 704ms
521ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 21b49318fd4b1f5d1bdb2e53293c578dce16464189cb2188d4cac11f62e1598f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 07:01:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 whatsapp-png-image-9.png
1.bp.blogspot.com/-nXl-XCtWwfs/XDNpc71ao8I/AAAAAAAAAqc/4ySHv7VaA2w67u3rS7moYnCfFCiVNptkQCLcBGAs/s1600/ 8 KB
9 KB 83ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nXl-XCtWwfs/XDNpc71ao8I/AAAAAAAAAqc/4ySHv7VaA2w67u3rS7moYnCfFCiVNptkQCLcBGAs/s1600/whatsapp-png-image-9.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69c358d01d2ca3161faa7ce60bcba0d144f8f62db451d7297e8b5f8f2ef91e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:27:37 GMT
x-content-type-options: nosniff
age: 9230
content-disposition: inline;filename="whatsapp-png-image-9.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8533
x-xss-protection: 0
server: fife
etag: "v2aa"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Sep 2023 04:27:37 GMT

GET
H2

200

2sur4_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/2sur4_01.gif
https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

1 KB
1 KB

72ms
39ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/2sur4_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

3b9ed92648425393a41f6eaec5d1c1d992c91029ad1704da4cc6a3fe5d98cf99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/2sur4_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

multi_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/multi_01.gif
https://www.geny.com/web/images/pictos/paris/multi_01.gif

1 KB
1 KB

73ms
40ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/multi_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

0f1917620a3a33ca16e84bb58ea89ee48dad221de013bfa383ab245c641f81f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1206
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/multi_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

tierce_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/tierce_01.gif
https://www.geny.com/web/images/pictos/paris/tierce_01.gif

1 KB
1 KB

70ms
37ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/tierce_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

b54af5a0949a40cde9b1cddc22374a0f13430856bdd24a874daa42e78b71aff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:26 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1217
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/tierce_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

quarte_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/quarte_01.gif
https://www.geny.com/web/images/pictos/paris/quarte_01.gif

1 KB
2 KB

69ms
37ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/quarte_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

428921331c37e4949f9a73bea7e09750840b551e786090f36d211de7b21329e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1292
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/quarte_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

quinte_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/quinte_01.gif
https://www.geny.com/web/images/pictos/paris/quinte_01.gif

1 KB
1 KB

73ms
41ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/quinte_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

99cc06e9ff11236fc96dfbc21c6009253a0ac0a28c5dfb08af429d71c8e7edc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/quinte_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

sct2tqqm_01.gif
www.geny.com/web/images/pictos/paris/
Redirect Chain

http://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif
https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

4 KB
4 KB

72ms
39ms

Image
image/gif

34.102.200.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geny.com/web/images/pictos/paris/sct2tqqm_01.gif

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

34.102.200.23 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.200.102.34.bc.googleusercontent.com

Software

geny.com /

Resource Hash

0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 06:21:52 GMT
server: geny.com
x-frame-options: DENY
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4002
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geny.com:443/web/images/pictos/paris/sct2tqqm_01.gif
Date: Tue, 05 Sep 2023 07:01:27 GMT
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK geocounter.js Show response
geoloc5.geovisite.ovh/private/ 11 KB
12 KB 160ms
33ms Script
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 97b747411df1076bee98cb066be2c8ef9996880ddac718c7b5459b022b71bc14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 07:01:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: text/html; charset=UTF-8
Connection: close
Expires: Tue, 9 May 2000 11:11:11 GMT

GET
H2

200

banner.gif
img.root-top.com/topsite/originalpmu1/
Redirect Chain

http://img.root-top.com/topsite/originalpmu1/banner.gif
https://img.root-top.com/topsite/originalpmu1/banner.gif

4 KB
5 KB

14ms
14ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/originalpmu1/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2124733
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ll6KB%2BNCEDwW5EmybDY%2FagWIZ7rIhGzRjk2VxThdp4nyBFpc7vWsUjV9Iu%2FTuC9HhALYaiLJ1C3LyE%2FLYGcX6WhAGII2%2B%2F5Wk4InB84YB87neYS1McASAIIN8mFvbs7a6KC8E0it%2B9DxheUhth11"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df0f6e1953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D67jNZ%2FSYHfbdJFJNDrAVi07IR0HzCj28P87FPXDOIa08tYdbRCfdLjvX5TNoDjcdupOFrypvJkHW58v%2B%2Bffbt%2Fna%2Br9WJnA1Hfhn2n1Bv4kMYV90htEve7eVNNAhCH6FV2Modzov%2BEmPmzpFAwW"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/originalpmu1/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99de8fa23a88-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/turfistes/
Redirect Chain

http://img.root-top.com/topsite/turfistes/banner.gif
https://img.root-top.com/topsite/turfistes/banner.gif

4 KB
5 KB

24ms
23ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfistes/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2147864
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch0Ta9porCLbeNcswj87U2qwABKxbW68FgDOhoSdUmQ%2FGpXm2j4eZ%2Ba7Uepv2OAPwyJTOD%2FoJR5wBdWGBzYbT6sG%2FzwvdR4K40vJpEo7v%2FjdEIGagBtMsm8r41hYd3zPoQYOJZ2ZpLZF8Qvsx3bs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df2f9b1953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzissN4Nb1zKWcOU9T0vb1%2BdflsKOx3iMnGj3f1oaM7eFB80ykAv46U42CDtnP%2Fz7BMseM2zrszbdDmj8YmBjX%2B3sowmS7gbyif3GmoQaDhsvmMsuANhKDMU8Hccc%2B7oH6PaUAkx1Hv2Hm00bQRH"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfistes/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99ded9e8bb35-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/bettop/
Redirect Chain

http://img.root-top.com/topsite/bettop/banner.gif
https://img.root-top.com/topsite/bettop/banner.gif

4 KB
5 KB

16ms
15ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/bettop/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2144705
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mR5I0wb2kNRfQLIKZ7M3Nmmh3y7IPCacqswCyNU4EO1BARASW%2FO9JsX79ZpPmN%2FvW7T5%2Ff4h52bHKfbQNW9ppLftme4kCVxrtDX%2BXqaw3JgxinEbaP7dcoiopbBmA9aBODrKOWzOh4EnY6PTHMB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df3faa1953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvN0R8og%2BbsdmYkhsGzko2VjHnl2mhp9gElgLHmW3HNvXvt1yR55Vv4KLMvQhW%2BpJLAu5SaBWcK2Pjq2A53AlMnTgl6OA%2BrvPHumj0oDO3APudJ6C0D%2B88JYOXRUTvMbl9MJiQm0eYLEVSB6kKAU"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/bettop/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99dedaa930f0-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/gagnantplus/
Redirect Chain

http://img.root-top.com/topsite/gagnantplus/banner.gif
https://img.root-top.com/topsite/gagnantplus/banner.gif

4 KB
5 KB

14ms
13ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/gagnantplus/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2134022
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGDk%2BkmtMqLUYfjGtqmkudUmnJ9THitk2fpCyr%2FK5OLwnHy4EEaBzL5zv652NfKdFqlVVIxn8QLwTITjjnaN%2F1EzrV8%2BCxXyGk0gVjZ%2Ftml5klmBWo9CJ0I3BtYX4aMTPlF8jC2veLKmeDBUU%2FnL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df3fae1953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxgLttlcY23WMIl7thsVPxqaXQH3mQ61YnRLxWbTrb1h8VevQu20J07neR3pGzYLItDsozFdt4YE2W%2F2a9OJSTnImCUKS070q9gL9pvQBmzLyCyDlX4A7WO%2FodUNdnisTHVrv2M%2BDPmGndA8IAXY"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/gagnantplus/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99ded89491db-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/freeturf/
Redirect Chain

http://img.root-top.com/topsite/freeturf/banner.gif
https://img.root-top.com/topsite/freeturf/banner.gif

4 KB
5 KB

80ms
79ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/freeturf/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx817wtj5CuVSD2aefWe3YqEYn20zhRr9cMwS42h82TkrQEpJMQKD4Jd8JUVq7yu%2BecRoYfpeaQkXG44LXl14UuEaHVwNG4sj6aOZylLedlpoleDjLCKAVyq1g2x8MvjJEVu7cnzUZtqCaGYfDqh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df3fa41953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0ul4ikWBoT3O1aZAwzezG3dPpUBHDzc9pBqi1fJrNH1BRQaBp9ptg2j8g6uZFyFtwAu3BV7vrCC9R2g1AFufc60Ky2H%2BtmL3TbeNfnRkax16fYTfO6zNZp6UQGvqZcbgRvX%2FVbOGN7FdT8Z%2Fz4i"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/freeturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99decdeb1e6e-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/pmu365/
Redirect Chain

http://img.root-top.com/topsite/pmu365/banner.gif
https://img.root-top.com/topsite/pmu365/banner.gif

4 KB
5 KB

19ms
19ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/pmu365/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 250791
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Sr7En%2BTDh8%2FfgSMiUx13%2FpnmPY9aNWjDrnj5Jr8pdnhtlNZ%2BFcuWrxulMkLz38Jh%2BwZPm%2BdL7FCyFzCNJ7zLpZnfgR8c51ShOgvdnOtHtWp%2FVY%2FjzmxDHvpYLPe0F5OpCDRH5S4CKrC%2Fo%2Bo7n%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df3fa71953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLQHbCdt8NPtkHNVZYy5EMSdvRU%2FHHoodlUXVIs0WDMG2iwKOP2sO7lPVdnVq%2BUxFn6v2ZkF30glyt0f04sopTOf1Qe4FYaQM%2BTC2BdItKF4rEBCcxV%2Bsnqes%2FDSSQAS0VIbd85Ze7aoPvXIXj44"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/pmu365/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99deccd99159-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/turfoscope/
Redirect Chain

http://img.root-top.com/topsite/turfoscope/banner.gif
https://img.root-top.com/topsite/turfoscope/banner.gif

4 KB
5 KB

19ms
18ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfoscope/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440318
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxmnWdOJOpRuXD8j0LvXQxPj3r2LtuPwNNTeNR29mGB%2BDreIUjBix1isNA%2BPfAAGvRR%2BTR4tZ4baNhd1ck4aC3AotY%2Bg7gcc5imnwYFViljAp3NDAgSPdjf4%2Fo8uzByAd6B1taCLAj40fRO50gPp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df8aa59165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BiFZoaosOyWtmo%2FW%2BHI0ULFRZSyZtRPIRa9hhreA9ga%2FabKpBSaB2Wr2HlYmXXfI1Ireiz4CRfsK3bmKCEAUF7lWRu%2BK8w3YMgq%2BgP9zi%2FPMadP7Mh%2FuQ1mzijvSBXEjjOywlRgKXbNYpzaZLQq"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfoscope/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df284a3a88-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/jmpep80top/
Redirect Chain

http://img.root-top.com/topsite/jmpep80top/banner.gif
https://img.root-top.com/topsite/jmpep80top/banner.gif

4 KB
5 KB

77ms
76ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/jmpep80top/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtSjRgC4%2BAWPO6Q1vbDTjS8HMcAIRg%2BSQsNpWx51y6RhnaxOpL0gi6aBX%2BqpcpEsvkctjDUz6TLh1XARWodARg32zxwYgs08wf%2BbBYRfCbkDBMQ8q931LrD2mbziYKxrx7E%2FHw%2BvEf7Femcy2B0z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99dfcaff9165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNju3htK9mn%2B5L877N%2BcI%2BCH%2BzCTJB2Ygw0wXFj4W3ZgKYoZ31fDenKzSltI58O18io6UXuLVlPNWwxggWZ%2FMT4RV3MAo%2FDvE%2B3PTAgxwfQSypIUzhKemReDdmCgimKoljY%2F9CKMfCsC0QQVOEwq"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/jmpep80top/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df48ff91db-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/dada/
Redirect Chain

http://img.root-top.com/topsite/dada/banner.gif
https://img.root-top.com/topsite/dada/banner.gif

4 KB
5 KB

77ms
76ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/dada/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xGRF%2BQGd%2F7c4WxSHmQjdLEfqc2rWpdbE7GTrVu1fu5kvKClKIGf1sEJnQ1DfGpHipt6n4yVgZxpllRgmEV%2FwIxKt30UJmPaxUVk6faKYKzY%2FqhXbuuNfL%2B1F69rvGwIHQgIgj2xiHxj6w4craVv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99df6a839165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 440
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdpFRH4XtbPq3tIjn5QUy3TFYwoH58BgmhPoGNuWKSH2jROCPbiaETorpzTq2BTXuMlsHco7FXsvMvBrJrwQJYwTzsIEvnrQlQgVgVmkapjKJbtZjYUiOFO4Qubzcuw5PA6GWKnQHFfTsx%2BfwrTq"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/dada/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df4b2b30f0-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/classement_general/
Redirect Chain

http://img.root-top.com/topsite/classement_general/banner.gif
https://img.root-top.com/topsite/classement_general/banner.gif

4 KB
5 KB

17ms
17ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/classement_general/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2146351
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyZek6FUBauH4N64bCWwgiUJU89ddFQ3eyHEoKItfi43D%2FcxUpnfPnEEfqBof9o0o17pdZTB7XlHnib4vgXfJwprVe6u5vq87YMW5c2uIVSR6%2B8ARRN70%2FFPJwGkU%2FQkWLsA0Cp1VhKiWfqLOUvW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99dfcb079165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSGl2mS231loQayKehiTMzfig0pul0WD5Aa13TslyFOHVnZ1%2BX51gUGD9uDIWwscAe1zuIkjIqiAfVklfePF8ynwqUCr7SM8WEOdMwrMrU80qBoq1bgbl8ddv0pDXxxIIL%2Fxi%2FTSLBFjnFPcQm0%2B"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/classement_general/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df5d879159-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/baseprono/
Redirect Chain

http://img.root-top.com/topsite/baseprono/banner.gif
https://img.root-top.com/topsite/baseprono/banner.gif

4 KB
5 KB

80ms
79ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/baseprono/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npCvnEelc9Q335Ss%2BcbZrg8JAVLdsBt6rie7mpdGNGEdFrd%2F7ltjkkPTawOjjr3BDYTvLrvz5jBrWSJOEK0BH0uswDzfYWviHpWxRbyP7YA87W513JEYidrjXJjwR9Ti6%2B%2FuJ3KPo6snL1F2BBvh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99dfcb039165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJeVwFR6vkb8tTcLjEc0MdtAM2La9wyrgZjTE0Am2HUPlgSSHv%2FB9a7Td4VO0L3VKyyhzDjkWFLWWDgosW9yfHe73k0GV53hIQ2Y1tCbUCXIGEjyyuSf5GzObPBtlmo0qBBm%2BAz3uq04sRfyTtsR"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/baseprono/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df5e801e6e-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H3

200

banner.gif
img.root-top.com/topsite/turfaunet/
Redirect Chain

http://img.root-top.com/topsite/turfaunet/banner.gif
https://img.root-top.com/topsite/turfaunet/banner.gif

4 KB
5 KB

16ms
15ms

Image
image/png

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfaunet/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H3
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2130800
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEMPvm%2Fv1uOH4jvNV1TiY5WBhK91Hq1HQNCPayn%2FNivB%2BTt4FOObTOqEW%2BgqJicQuiVBzU2voKHHc3nb05hJa5vnkxTBJSFmaDf30uW1X%2B2m2UGccCgA3Ckfon%2Fg2Ovy%2BbjJJzMEJER1c2NArVNA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99dffb3d9165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcczakZ%2FBEI4kg20waQ85MciQ45IqI2nHnk1h%2F7xLwwX9t5XABbSTcndwqRwDlzq5nLLA9k0EYQYeVsY%2FtOqO5X%2FoMLqVUwcykvabN2bRnyQ%2BhPVGPDWC%2F836sKfIxP8Dx0Jo%2BQL8dqlsgLTwDNC"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/turfaunet/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 801c99df98cd3a88-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2 200 banner.gif
img.root-top.com/topsite/filibert42/ 4 KB
5 KB 103ms
75ms Image
image/png 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/filibert42/banner.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52v%2FTcT%2FbgS6lXLBc0dhniga6THiraILtY4fGQluXA5PoElaCgG7kSmr%2FdHB%2BByFrYtnsPbE6afuybtGzri4LHx%2FZwNuaP6KPoGPTszyNCROvXiqlgw9DHJFx4mDQ%2FOdUq2GziQ767WQnk9ijuiu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 801c99deff451953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4424

GET
H/1.0 504
Gateway Time-out allosponsor_88x31.gif
www.allosponsor.com/image/ 0
0 149ms
21ms Image
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.allosponsor.com/image/allosponsor_88x31.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.0
Server: 212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2

200

/
uhit.eu/
Redirect Chain

http://www.uhit.eu/button1.php?u=titro-turf
https://www.uhit.eu/
https://uhit.eu/

0
0

177ms
17ms

Image
text/html

5.196.53.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhit.eu/
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 5.196.53.228 Criquebeuf-la-Campagne, France, ASN16276 (OVH, FR),
Reverse DNS: ip228.ip-5-196-53.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date: Tue, 05 Sep 2023 07:01:27 GMT
server: Apache
x-redirect-by: WordPress
vary: Accept,Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://uhit.eu/
cache-control: max-age=0
content-length: 0
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H/1.1 200
OK 88x31blogs.gif
blogs.netoo.com/pub/ 2 KB
2 KB 809ms
16ms Image
image/gif 188.165.42.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://blogs.netoo.com/pub/88x31blogs.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Server: 188.165.42.17 Compiègne, France, ASN16276 (OVH, FR),
Reverse DNS: mpool.netoo.net
Software: Apache /
Resource Hash: 1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Sat, 19 Aug 2006 17:03:45 GMT
Server: Apache
ETag: "795-41b61dc153e40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1941

GET
H/1.1 200
OK topliens.gif
www.rapidoweb.free.fr/images/ 2 KB
2 KB 83ms
16ms Image
image/gif 212.27.63.105
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rapidoweb.free.fr/images/topliens.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Server: 212.27.63.105 , France, ASN12322 (PROXAD, FR),
Reverse DNS: perso105-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
Last-Modified: Fri, 21 Mar 2003 16:40:46 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "2b8d6b-831-3e7b408e"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2097

GET
H/1.0 504
Gateway Time-out hebdotop.eur
www.hebdotop.com/cgi-bin/ 0
0 151ms
37ms Script
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.0
Server: 212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 116ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ca14fc470f9f6d0096b3afb7d3fdf509210bac3ae9404f01dd2699a0c02dda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50906
x-xss-protection: 0
server: cafe
etag: 14346758644775479468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H2

200

feed Show response
www.pronostic-facile.fr/widget/originalpmu/script/
Redirect Chain

http://www.pronostic-facile.fr/widget/originalpmu/script/feed
https://www.pronostic-facile.fr/widget/originalpmu/script/feed

245 B
816 B

90ms
54ms

Script
text/html

2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: H2
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-runtime: 1
date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2r5FLfhwCD9%2FRChAwghQU56ZF8nGH8%2Bdrl1yXn3SMMEOjKHDYTcEDvUIFY9Xpw1j%2FgMF4rOAuscEjVFlA2w5MZoRxC2JlGp0MFhj8dRU7HcOPDD1LytW4qq9Sj63kfVndHF69OR2o8UPkZErkaOSZKvuBphgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 801c99de9de83674-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FypjRP1YmD0WApxtmyvBz%2F3Co2kzJ60Nm83DEOH3FHmTRMtdyDLPOA4ABe8n07%2FjIgq0QsKsWBkY2HeTGQVXbh0kdX9TVPvpXrip4Mv6uJ8%2Bj2Fk7JwksLh%2B2aL2R4TM%2BFkvR3oKFfLLyrngs2Cac3YguG9e5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.pronostic-facile.fr/widget/originalpmu/script/feed
Connection: keep-alive
CF-RAY: 801c99ddfb434db3-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK cookienotice.js Show response
original-pmu.blogspot.com/js/ 6 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://original-pmu.blogspot.com/js/cookienotice.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/?m=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 22:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 550830
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2026
X-XSS-Protection: 0
Last-Modified: Tue, 29 Aug 2023 20:55:32 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 05 Sep 2023 22:00:57 GMT

GET
H2 200 940443484-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
157 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/940443484-widgets.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d47b80895aa071da66c243d0515ad6d4cb46144c61b2f94dab8477ef83c5e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 02:10:48 GMT
x-content-type-options: nosniff
age: 103839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160425
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 01:52:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 03 Sep 2024 02:10:48 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/ 182 KB
61 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bb37ccaa8b7ce86cfaa3111d58a8ead5295dc1014a18383c7193e2c7ebebf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 18:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61948
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 18:52:46 GMT

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

1 MB
1 MB

139ms
100ms

Image
image/jpeg

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1209057
x-xss-protection: 0
expires: Wed, 06 Sep 2023 07:01:27 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Sep 2023 07:01:27 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=1gpfxP2nJtSLbi1pGZBQbXIJk2RKaSqJJBB2VgXo5Mr0TKJU8zVWh9a0HdVouyWRIHRtB&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 30ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 12:29:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 66717
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Mon, 18 Sep 2023 12:29:30 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/ 377 KB
128 KB 102ms
97ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4442622547489634&plah=original-pmu.blogspot.com&bust=31077587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d0a25878d7333cfffa2b08390b7f920fdd406922e3f55494529578e8807e91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131131
x-xss-protection: 0
server: cafe
etag: 3468987954822947003
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H2 200 white80.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
233 B 54ms
27ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/white80.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 03:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 16:50:31 GMT
server: sffe
age: 13567
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 12 Sep 2023 03:15:20 GMT

GET
H2 200 header_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 424 B
538 B 69ms
41ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 10:48:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:50:38 GMT
server: sffe
age: 591151
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 424
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Sep 2023 10:48:56 GMT

GET
H2 200 tabs_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 185 B
299 B 55ms
27ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/tabs_gradient_shade.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 10:37:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Aug 2023 09:54:40 GMT
server: sffe
age: 591848
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Sep 2023 10:37:19 GMT

GET
H/1.1 200
OK tDbM2oWUg0MKoZw1-LPK8w.woff2
fonts.gstatic.com/s/arvo/v22/ 17 KB
18 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/arvo/v22/tDbM2oWUg0MKoZw1-LPK8w.woff2

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Origin: http://original-pmu.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Fri, 01 Sep 2023 18:11:38 GMT
X-Content-Type-Options: nosniff
Age: 305389
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 17300
X-XSS-Protection: 0
Last-Modified: Thu, 24 Aug 2023 17:31:49 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 31 Aug 2024 18:11:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame E1CF 10 KB
5 KB 98ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4442622547489634&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:49:56 GMT
etag: 9878862242593084568
expires: Mon, 18 Sep 2023 16:49:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 7C2B 7 KB
3 KB 122ms
121ms Document
text/html 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10b458539be48386e4f49d670aaf72cb3c210f545990663f8bb329ad6131064c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2607
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 07:01:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 590ms
585ms Stylesheet
text/css 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5579839696325710492&zx=660b7118-eeb4-404c-878b-769c8ac3e2b0

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 07:01:28 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 7C2B 57 KB
22 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5579839696325710492&blogName=+++++++++++++++++++ORIGINAL-PMU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://original-pmu.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=http://original-pmu.blogspot.com/%3Fm%3D0&vt=-6040728026497715392&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc7199867a4710da0d4701512407aa7f1c02f0e0c0d909ea0eea4b9ada1aa6db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 07:01:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22294
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "22702cc4e4fc3488"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 7C2B 907 B
930 B 14ms
14ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:12:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 12:55:29 GMT
server: sffe
age: 10123
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 12 Sep 2023 04:12:44 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 7C2B 117 B
140 B 14ms
14ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 11:45:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 14:57:11 GMT
server: sffe
age: 587783
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Sep 2023 11:45:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/ Frame 7C2B 136 KB
45 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141b4add1ee6e11f0b21e431d6e481158a8761c649524cc1d364940633bef863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 19:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46551
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 19:59:02 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 65ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=original-pmu.blogspot.com&callback=_gfp_s_&client=ca-pub-4442622547489634

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4442622547489634&plah=original-pmu.blogspot.com&bust=31077587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9d47511942292fa18aa5986ff4edcd5f34db1c5ad9063ad555a937c8495e98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6F9 603 B
245 B 96ms
94ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4442622547489634&output=html&adk=1812271804&adf=3025194257&lmt=1693862357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693897287347&bpp=6&bdt=186&idt=269&shv=r20230830&mjsv=m202308300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1599107172328&frm=20&pv=2&ga_vid=897850501.1693897288&ga_sid=1693897288&ga_hid=301089663&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076838%2C31076998%2C31077587&oid=2&pvsid=4304922265523039&tmod=1355601740&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 07:01:27 GMT
expires: Tue, 05 Sep 2023 07:01:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
50 KB 66ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ebcd5cea30bcdc8b890b5886967b28cad87b1ca72b7f5d2c15a2d7370b174d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50746
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Sep 2023 07:01:27 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 388ms
325ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357205&idd=1558204&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "24bbe-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 1125ms
825ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "215ef-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK geocounter_iframe_css_64.php Show response
geoloc5.geovisite.ovh/private/ Frame 18FA 169 KB
170 KB 135ms
102ms Document
text/html 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter.js?compte=9279n1qjl1j2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 3cf6cd65a489cec9e2772408e6d8e0558c780209c2ce0de73393c2d14f750406

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 07:01:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK pointeur.gif
geoloc5.geovisite.ovh/private/geoloc/ 43 B
257 B 53ms
17ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/private/geoloc/pointeur.gif?|9279n1qjl1j2||1200*1600|windows|en|24|1693897298|||chrome|116||DE|51.48750|7.22270|Bochum|Leaseweb+Deutschland+GmbH|1693897287|geocounter|0|1693897287|||http%3A//original-pmu.blogspot.com/%3Fm%3D0|NULL
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:27 GMT
Last-Modified: Tue, 04 Mar 2008 08:22:49 GMT
Server: lighttpd/1.4.54
Accept-Ranges: bytes
ETag: "2777121996"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/originalpmu/feed/ Frame E297 15 KB
6 KB 85ms
84ms Document
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/originalpmu/script/feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57123125641227529c927c49edab1ba420dafbfc777ff54430fea14f686a2bd4

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 801c99e16a8e3674-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 05 Sep 2023 07:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InC5NpJhyZzvA2LpVVcC%2BaxmxyhCNAi0sHEXHoZxXzsw%2FQmpCern%2FpMB7P%2FBTXnbvmWixwRF3PP0jhPv4TovGeyr7wTn6gbDf1JRo76JY%2FMa2PvNPoOFZ8i9sufLJP4zXAp2jdsT03Gk5sdj5adgl5wWWswjGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 60

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ 753 B
991 B 3316ms
26ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:31 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "432cd-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H3 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
119 B 14ms
13ms Image
image/png 2a00:1450:4001:811::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: original-pmu.blogspot.com
URL: http://original-pmu.blogspot.com/?m=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 11:24:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Sep 2023 09:57:25 GMT
server: sffe
age: 329846
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 11:24:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 05:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 07:44:23 GMT

GET
H2 200 rss-fp-1612893811.png
cdn1.pronostic-facile.fr/images/icones/16x16/ Frame E297 739 B
1 KB 45ms
22ms Image
image/png 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
via: 1.1 dcaf4d7094d3d4a2ebb1136fadd0b20a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG3-C2
age: 2221665
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 739
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ2bcOPeowiz2a7bUuIAT48TslnKn%2B%2FEUcL%2FmJtaaFE%2Fsva70XBCIcBmm8Hx6p8OK320%2BR6r63QdKOQ7D09SGec%2FMt2Md5%2FIYhJJgm2tjvkrOge%2BjS%2FHTmNroNte8jjZbOVQUqiTyMjqOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 801c99e22bff3674-FRA
x-amz-cf-id: cdiXIGQTLHGvvkQ79AO4a75hVyRmjuuStsvmtSy5GASgN6tnoYGuSg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame E297 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 08:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f595dc-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63nQbeJs%2BMGTx7PR6UWBFil51%2FqPvZaIUF%2FnArx6oTa6yCvW8GmLsQ1kO6tvlOZd72p15xaoEHckyEBTTVea4aiI9NFdIjKEnqPukRiE%2FzNuSD3CE9ex%2BO0gPKv%2BAOUr0e0rasFjs942EbPTfZV3LL2%2FEiyPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 801c99e209de906c-FRA
expires: Thu, 07 Sep 2023 07:01:28 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame E297 20 KB
7 KB 92ms
58ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 801c99e23f383679-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E297 180 KB
65 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5036215ba3da3487c8cf5d4ea411197bc19890c275597ee94b61dce2c8095fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66675
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Sep 2023 07:01:28 GMT

GET
DATA 200
OK truncated
/ Frame E297 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame E297 0
147 B 11ms
11ms XHR
text/plain 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/originalpmu/feed/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 801c99e2aa74906c-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E297 218 KB
77 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd3721492d069ba4e8ca0ebfdf6785c965a3202b8fa0fa01e16a551a4ece6d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 07:01:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E297 52 KB
21 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 05:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 07:44:23 GMT

GET
H/1.1 200
OK casquette.png
geoloc5.geovisite.ovh/skin/geocounter/ Frame 18FA 4 KB
5 KB 17ms
17ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/casquette.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Tue, 14 Apr 2015 12:26:12 GMT
Server: lighttpd/1.4.54
ETag: "303213619"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 4348
Expires: Wed, 20 Sep 2023 07:01:28 GMT

GET
H/1.1 200
OK loupe30.png
geoloc5.geovisite.ovh/skin/png/ Frame 18FA 30 KB
31 KB 50ms
33ms Image
image/png 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.png
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Mon, 15 Jan 2007 09:45:09 GMT
Server: lighttpd/1.4.54
ETag: "3728015203"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 31101
Expires: Wed, 20 Sep 2023 07:01:28 GMT

GET
H/1.1 200
OK loupe30.cur
geoloc5.geovisite.ovh/skin/png/ Frame 18FA 4 KB
4 KB 44ms
17ms Image
application/octet-stream 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/png/loupe30.cur
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Thu, 16 Apr 2015 09:42:42 GMT
Server: lighttpd/1.4.54
ETag: "1268945244"
Content-Type: application/octet-stream
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 3782
Expires: Wed, 20 Sep 2023 07:01:28 GMT

GET
H/1.1 200
OK globe.gif
geoloc5.geovisite.ovh/skin/geocounter/ Frame 18FA 168 KB
168 KB 50ms
17ms Image
image/gif 54.36.176.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoloc5.geovisite.ovh:4433/skin/geocounter/globe.gif
Requested by: Host: geoloc5.geovisite.ovh
URL: https://geoloc5.geovisite.ovh/private/geocounter_iframe_css_64.php?compte=9279n1qjl1j2&anim=1&b=1&ca=990000&cbg=FFFFFF&dn=0&f=Verdana&fc=000000&onl=OnLine&p=_total&s=10&skin=1&tp=Click%20for%20detail&ts=150x170&ttot=Total
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.176.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3092782.ip-54-36-176.eu
Software: lighttpd/1.4.54 /
Resource Hash: 587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geoloc5.geovisite.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 07:01:28 GMT
Last-Modified: Tue, 28 Apr 2015 14:03:22 GMT
Server: lighttpd/1.4.54
ETag: "343773560"
Content-Type: image/gif
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 171894
Expires: Wed, 20 Sep 2023 07:01:28 GMT

GET
DATA 200
OK truncated
/ Frame 18FA 125 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75fd9de779c9eb6e630d92c268d0496eb4f5dfa61611b6ba6ae4be1caaf6b5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 20ms
20ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=301089663&t=pageview&_s=1&dl=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&ul=en-us&de=UTF-8&dt=ORIGINAL-PMU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1490176167&gjid=325970914&cid=897850501.1693897288&tid=UA-135619294-1&_gid=807965124.1693897288&_r=1&_slc=1&gtm=45He38u0n81NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1558204&cd3=357205&cd4=(not%20set)&cd5=classic&z=376107106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7c7733e8636c67e4121a4a6b4ccc694169ca728763d2e90eafeb71cc00f20109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://original-pmu.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 07:01:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://original-pmu.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SBC94LXYJ0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

348d8cd81a231b20227550cf81dedcc762a609044996089355b418b511c45be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 07:01:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SBC94LXYJ0&gtm=45je38u0&_p=301089663&ul=en-us&sr=1600x1200&cid=897850501.1693897288&_eu=ABAI&_s=1&dl=http%3A%2F%2Foriginal-pmu.blogspot.com%2F%3Fm%3D0&dt=ORIGINAL-PMU&sid=1693897288&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=ALS-LIBS-CHECKOUT-15&ep.ua_dimension_2=1558204&ep.ua_dimension_3=357205&ep.ua_dimension_4=(not%20set)&ep.ua_dimension_5=classic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBC94LXYJ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 07:01:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://original-pmu.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 64ms
64ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fca6f4eeba3ba7702828ace6e0dac30f49cd837917e9344fb17ba769c33ae749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11575
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 07:01:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 446D 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 05:49:15 GMT
expires: Wed, 04 Sep 2024 05:49:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E012 829 B
1 KB 70ms
24ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c364b42d22a561cfb1788c1f9342dabc8a63f4052eba8d9400433fe2583dad7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IdJy3c_j5DX6zfp0YGCPLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://original-pmu.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-IdJy3c_j5DX6zfp0YGCPLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 07:01:31 GMT
expires: Tue, 05 Sep 2023 07:01:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 446D 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 21:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 21:18:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E012 0
0 48ms
46ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=4304922265523039&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 446D 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oqipwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 07:01:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=4304922265523039&bg=!9fal9rnNAAYHwnCgJ8I7ADQBe5WfOAVOzhpH4Hubq3JqUNaUtWy8M5dG7gPxu6cDhU0X_HiDZDLw03v-rWSKfUytSEA9AgAAAFZSAAAABmgBBwoAY7euJzSXkYRJJn4FTsi7yrA-aFBfeohaU-egpDQnj_HFxXGAyLellqzEdOs_v3NO6h7jQhUPhfrcbegT6FJzYkkd3bN2cqeQ_Yujow5tobVWRcIVnq3hQ6dY5K9fQ_PGGhKSCpkCwQJpqtTrhpTu0TjUvRrnnOo6KaBaFkMM17U147X6uDXMIQY-GM66e2B6aO_qODzRC3MTAHPYM74iUyn3y91fzH5CuIYrVFNyKgtrmRCyo7Kt2_7TNZDOyWYZIkw9ssrG765UhgDc7vHKGQfhdqF12_2VChS4PA736FYVgQGgS7y0lV3LozmiYan76NbockLa8UyL7hBP9BMCBMJu4R_VNfwcV7FegkD4r6-acf9VHjDo-S6oqePePDisSgq5nGi63GtVtUZ2q3ijB_CPwEXeUMtwNOscPtUfrdBmiykFS0k3m50gRSffM_NmZ002f5B72_qvCBq6HBPA9AJMJNaU8R7uowRSH0LbTmUkf2fBOdIqbIvDGymY2r-0HACS539hcaHml98GaXreUcwq1P4-wr8ZC6WAQvYFOM1FI_AY3Rlv7nEfZCT_Pxta8Jo3IdgIOUBDZx0PDqXdTOj7K5RcB7kqEZkoaBYN7THb4FhkkP6dhwsd4TVK3-768I9MZoHwPLmCHQ0j2P5YRKlXh5jiyreCqsokxcC6brt2hJfUTBjFz1k2xZS-_7OOEuocRNIwKnn6YCOg3GKsu7oDUybgKSM7YYNnsVsGfkaDu6SHrJ3AVynkza5j4OPr_tRZ9lOhJgSV1YyvlPhjG05jlNys9nrfyUhK2TsqI8yvTaFei3y8Bj1sn2k9E0mXVD-xX92mIICdDzaBu1FxfLDhPGqxRFjlqMsbWfIJq1C6T-1H2oKtJbQ_Fr5cOIj2m0ApW7KwsPmExPdKT47Ho8b91QHl0IT6FV4oDg6W220rgk-dAE1_8tME04GnXh8vpKOPzl2_knaaJWSG7PpHguSDyqIxHoA3ZlMkwZzZrASlnqhdINuPpDKCMA1z3HOe9BYBmdYIt_VBd9Q1pv35hfyzlGtbsI1elDG81663q-ZFcuF2qjR5tQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://original-pmu.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 14:31:38	Name: test_cookie Value: CheckForPermission
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 1d500571-3895-4183-ac5c-3802d858dfcb
.allopass.com/	1970-01-20 23:17:13	Name: AP_CUSK Value: 3626719626
original-pmu.blogspot.com/	1970-01-20 14:41:42	Name: acceptcookie Value: ok
.original-pmu.blogspot.com/	1970-01-21 00:07:37	Name: _ga Value: GA1.3.897850501.1693897288
.original-pmu.blogspot.com/	1970-01-20 14:33:03	Name: _gid Value: GA1.3.807965124.1693897288
.original-pmu.blogspot.com/	1970-01-20 14:31:37	Name: _gat_UA-135619294-1 Value: 1
.original-pmu.blogspot.com/	1970-01-21 00:07:37	Name: _ga_SBC94LXYJ0 Value: GS1.3.1693897288.1.0.1693897288.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303425 Message: Failed to load resource: the server responded with a status of 504 (Gateway Time-out)
network	error	URL: http://www.allosponsor.com/image/allosponsor_88x31.gif Message: Failed to load resource: the server responded with a status of 504 (Gateway Time-out)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
apis.google.com
blogs.netoo.com
cdn1.pronostic-facile.fr
fonts.gstatic.com
geoloc5.geovisite.ovh
googleads.g.doubleclick.net
img.root-top.com
original-pmu.blogspot.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
region1.google-analytics.com
resources.blogblog.com
static.cloudflareinsights.com
themes.googleusercontent.com
tpc.googlesyndication.com
uhit.eu
www.allosponsor.com
www.blogger.com
www.geny.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hebdotop.com
www.pronostic-facile.fr
www.rapidoweb.free.fr
www.uhit.eu
185.119.26.1
188.165.42.17
2001:4860:4802:34::36
212.27.63.105
212.83.183.115
2606:4700:3034::6815:15de
2606:4700:3034::ac43:c8d8
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2606:4700::6810:3865
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2009
2a00:1450:4001:812::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
34.102.200.23
5.196.53.228
54.36.176.112
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0f1917620a3a33ca16e84bb58ea89ee48dad221de013bfa383ab245c641f81f6
10b458539be48386e4f49d670aaf72cb3c210f545990663f8bb329ad6131064c
1237421ee201c5fb40954aff7e9a8e39d011d8ab10cd7be9ec682f8e79e96711
141b4add1ee6e11f0b21e431d6e481158a8761c649524cc1d364940633bef863
1c364b42d22a561cfb1788c1f9342dabc8a63f4052eba8d9400433fe2583dad7
1ca14fc470f9f6d0096b3afb7d3fdf509210bac3ae9404f01dd2699a0c02dda5
21b49318fd4b1f5d1bdb2e53293c578dce16464189cb2188d4cac11f62e1598f
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
2ebcd5cea30bcdc8b890b5886967b28cad87b1ca72b7f5d2c15a2d7370b174d5
31bb37ccaa8b7ce86cfaa3111d58a8ead5295dc1014a18383c7193e2c7ebebf7
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
348d8cd81a231b20227550cf81dedcc762a609044996089355b418b511c45be4
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
3b9ed92648425393a41f6eaec5d1c1d992c91029ad1704da4cc6a3fe5d98cf99
3cf6cd65a489cec9e2772408e6d8e0558c780209c2ce0de73393c2d14f750406
3d47b80895aa071da66c243d0515ad6d4cb46144c61b2f94dab8477ef83c5e3f
40ba84bac5d740e913d6c7035c8fe93eca31244fdb3564577c1af60847d1c262
428921331c37e4949f9a73bea7e09750840b551e786090f36d211de7b21329e8
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
5036215ba3da3487c8cf5d4ea411197bc19890c275597ee94b61dce2c8095fcb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57123125641227529c927c49edab1ba420dafbfc777ff54430fea14f686a2bd4
587cdcf764cce58883c13701fe36bdc1a68984555b6f1dc4540cc5e92217fcc2
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5f16ab826f87f46f60ad8c98c3bbed9a4273ff2da7843130b3036891251af5ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c358d01d2ca3161faa7ce60bcba0d144f8f62db451d7297e8b5f8f2ef91e55
6a5744bdc6e361c95e2ae0959aa47a42f5799b5292025a5977afb7888d2f37d0
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
75fd9de779c9eb6e630d92c268d0496eb4f5dfa61611b6ba6ae4be1caaf6b5a2
7c7733e8636c67e4121a4a6b4ccc694169ca728763d2e90eafeb71cc00f20109
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
8ce1bf3234fff44da8c5e2e28b9255bd7cb0b191acbdaa0e1d63815b94327988
8d0a25878d7333cfffa2b08390b7f920fdd406922e3f55494529578e8807e91e
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
97b747411df1076bee98cb066be2c8ef9996880ddac718c7b5459b022b71bc14
99cc06e9ff11236fc96dfbc21c6009253a0ac0a28c5dfb08af429d71c8e7edc5
9d34a303f8c67d6d63830ae852e3368ec97c8237e82672fa2a144352d1ce9460
9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54af5a0949a40cde9b1cddc22374a0f13430856bdd24a874daa42e78b71aff9
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d93bf5fc89ef418ce7efec2e749ef0d2167504896f0a3e587aa471be33213a63
d9d309e9e551cf6eb930544a61f51a74d57a442a4aaced61a8abfdc77fec7865
dc7199867a4710da0d4701512407aa7f1c02f0e0c0d909ea0eea4b9ada1aa6db
dd3721492d069ba4e8ca0ebfdf6785c965a3202b8fa0fa01e16a551a4ece6d7c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98e1802d6c84b348969c428c14b5eef73dbe33744477d92b7700b7c9777ce62
f9d47511942292fa18aa5986ff4edcd5f34db1c5ad9063ad555a937c8495e98e
fca6f4eeba3ba7702828ace6e0dac30f49cd837917e9344fb17ba769c33ae749

original-pmu.blogspot.com Open in urlscan Pro 2a00:1450:4001:830::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

65 %HTTPS

73 %IPv6

22 Domains

28 Subdomains

25 IPs

3 Countries

2627 kBTransfer

4183 kBSize

8 Cookies

51 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

original-pmu.blogspot.com Open in urlscan Pro
2a00:1450:4001:830::2001 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

65 %
HTTPS

73 %
IPv6

22
Domains

28
Subdomains

25
IPs

3
Countries

2627 kB
Transfer

4183 kB
Size

8
Cookies

84 HTTP transactions
2 data transactions